Guide to the Secure Configuration of Red Hat Enterprise Linux 8

with profile DISA STIG for Red Hat Enterprise Linux 8
This profile contains configuration checks that align to the DISA STIG for Red Hat Enterprise Linux 8 V1R11. In addition to being applicable to Red Hat Enterprise Linux 8, DISA recognizes this configuration baseline as applicable to the operating system tier of Red Hat technologies that are based on Red Hat Enterprise Linux 8, such as: - Red Hat Enterprise Linux Server - Red Hat Enterprise Linux Workstation and Desktop - Red Hat Enterprise Linux for HPC - Red Hat Storage - Red Hat Containers with a Red Hat Enterprise Linux 8 image
This guide presents a catalog of security-relevant configuration settings for Red Hat Enterprise Linux 8. It is a rendering of content structured in the eXtensible Configuration Checklist Description Format (XCCDF) in order to support security automation. The SCAP content is is available in the scap-security-guide package which is developed at https://www.open-scap.org/security-policies/scap-security-guide.

Providing system administrators with such guidance informs them how to securely configure systems under their control in a variety of network roles. Policy makers and baseline creators can use this catalog of settings, with its associated references to higher-level security control catalogs, in order to assist them in security baseline creation. This guide is a catalog, not a checklist, and satisfaction of every item is not likely to be possible or sensible in many operational scenarios. However, the XCCDF format enables granular selection and adjustment of settings, and their association with OVAL and OCIL content provides an automated checking capability. Transformations of this document, and its associated automated checking content, are capable of providing baselines that meet a diverse set of policy objectives. Some example XCCDF Profiles, which are selections of items that form checklists and can be used as baselines, are available with this guide. They can be processed, in an automated fashion, with tools that support the Security Content Automation Protocol (SCAP). The DISA STIG, which provides required settings for US Department of Defense systems, is one example of a baseline created from this guidance.
Do not attempt to implement any of the settings in this guide without first testing them in a non-operational environment. The creators of this guidance assume no responsibility whatsoever for its use by other parties, and makes no guarantees, expressed or implied, about its quality, reliability, or any other characteristic.

Evaluation Characteristics

Evaluation targetlocalhost.localdomain
Target IDpodman-image://e4bdd543de7e66a4e4b2e645b7424743e35c5092dcfb1e2aea04ef87790a8ac1 [registry.twistlock.com/twistlock/console:console_31_01_123]
Benchmark URL./scap-security-guide-0.1.69/ssg-rhel8-ds.xml
Benchmark IDxccdf_org.ssgproject.content_benchmark_RHEL-8
Benchmark version0.1.69
Profile IDxccdf_org.ssgproject.content_profile_stig
Started at2023-09-07T06:59:49+00:00
Finished at2023-09-07T06:59:54+00:00
Performed by unknown user
Test systemcpe:/a:redhat:openscap:1.3.7

CPE Platforms

  • cpe:/o:redhat:enterprise_linux:8.8
  • cpe:/o:redhat:enterprise_linux:8
  • cpe:/o:redhat:enterprise_linux:8.0
  • cpe:/o:redhat:enterprise_linux:8.1
  • cpe:/o:redhat:enterprise_linux:8.10
  • cpe:/o:redhat:enterprise_linux:8.2
  • cpe:/o:redhat:enterprise_linux:8.3
  • cpe:/o:redhat:enterprise_linux:8.4
  • cpe:/o:redhat:enterprise_linux:8.5
  • cpe:/o:redhat:enterprise_linux:8.6
  • cpe:/o:redhat:enterprise_linux:8.7
  • cpe:/o:redhat:enterprise_linux:8.9

Addresses

    Compliance and Scoring

    The target system did not satisfy the conditions of 11 rules! Please review rule results and consider applying remediation.

    Rule results

    1360 passed
    11 failed
    2 other

    Severity of failed rules

    0 other
    0 low
    9 medium
    2 high

    Score

    Scoring systemScoreMaximumPercent
    urn:xccdf:scoring:default80.642365100.000000
    80.64%

    Rule Overview

    Group rules by:
    TitleSeverityResult
    Guide to the Secure Configuration of Red Hat Enterprise Linux 8 11x fail 2x notchecked
    System Settings 11x fail 2x notchecked
    Installing and Maintaining Software 6x fail
    System and Software Integrity 6x fail
    Software Integrity Checking
    Verify Integrity with AIDE
    Install AIDEmedium
    notapplicable
    Build and Test AIDE Databasemedium
    notapplicable
    Configure AIDE to Verify the Audit Toolsmedium
    notapplicable
    Configure Notification of Post-AIDE Scan Detailsmedium
    notapplicable
    Configure AIDE to Verify Access Control Lists (ACLs)low
    notapplicable
    Configure AIDE to Verify Extended Attributeslow
    notapplicable
    Audit Tools Must Be Group-owned by Rootmedium
    notapplicable
    Audit Tools Must Be Owned by Rootmedium
    notapplicable
    Audit Tools Must Have a Mode of 0755 or Less Permissivemedium
    notapplicable
    Federal Information Processing Standard (FIPS)
    Enable Dracut FIPS Modulehigh
    notapplicable
    Enable FIPS Modehigh
    notapplicable
    Set kernel parameter 'crypto.fips_enabled' to 1high
    notapplicable
    System Cryptographic Policies 6x fail
    Configure BIND to use System Crypto Policyhigh
    pass
    Configure System Cryptography Policyhigh
    fail
    Configure GnuTLS library to use DoD-approved TLS Encryptionmedium
    fail
    Configure Kerberos to use System Crypto Policyhigh
    pass
    Configure Libreswan to use System Crypto Policyhigh
    pass
    Configure OpenSSL library to use System Crypto Policymedium
    pass
    Configure OpenSSL library to use TLS Encryptionmedium
    pass
    Configure SSH to use System Crypto Policymedium
    pass
    Configure SSH Client to Use FIPS 140-2 Validated Ciphers: openssh.confighigh
    fail
    Configure SSH Server to Use FIPS 140-2 Validated Ciphers: opensshserver.configmedium
    fail
    Configure SSH Client to Use FIPS 140-2 Validated MACs: openssh.configmedium
    fail
    Configure SSH Server to Use FIPS 140-2 Validated MACs: opensshserver.configmedium
    fail
    Operating System Vendor Support and Certification
    The Installed Operating System Is Vendor Supportedhigh
    pass
    Endpoint Protection Software
    McAfee Endpoint Security Software
    McAfee Endpoint Security for Linux (ENSL)
    Install McAfee Endpoint Security for Linux (ENSL)medium
    notapplicable
    Ensure McAfee Endpoint Security for Linux (ENSL) is runningmedium
    notapplicable
    Disk Partitioning
    Encrypt Partitionshigh
    notapplicable
    Ensure /home Located On Separate Partitionlow
    notapplicable
    Ensure /tmp Located On Separate Partitionlow
    notapplicable
    Ensure /var Located On Separate Partitionlow
    notapplicable
    Ensure /var/log Located On Separate Partitionlow
    notapplicable
    Ensure /var/log/audit Located On Separate Partitionlow
    notapplicable
    Ensure /var/tmp Located On Separate Partitionmedium
    notapplicable
    GNOME Desktop Environment
    Disable the GNOME3 Login User Listmedium
    notapplicable
    Enable the GNOME3 Screen Locking On Smartcard Removalmedium
    notapplicable
    Configure GNOME Screen Locking
    Set GNOME3 Screensaver Inactivity Timeoutmedium
    notapplicable
    Set GNOME3 Screensaver Lock Delay After Activation Periodmedium
    notapplicable
    Enable GNOME3 Screensaver Lock After Idle Periodmedium
    notapplicable
    Ensure Users Cannot Change GNOME3 Screensaver Settingsmedium
    notapplicable
    Ensure Users Cannot Change GNOME3 Session Idle Settingsmedium
    notapplicable
    GNOME System Settings
    Disable Ctrl-Alt-Del Reboot Key Sequence in GNOME3high
    notapplicable
    Sudo
    Ensure Users Re-Authenticate for Privilege Escalation - sudo !authenticatemedium
    pass
    Ensure Users Re-Authenticate for Privilege Escalation - sudo NOPASSWDmedium
    pass
    Require Re-Authentication When Using the sudo Commandmedium
    notapplicable
    The operating system must restrict privilege elevation to authorized personnelmedium
    notapplicable
    Ensure sudo only includes the default configuration directorymedium
    pass
    Ensure invoking users password for privilege escalation when using sudomedium
    notapplicable
    System Tooling / Utilities
    Install rng-tools Packagelow
    notapplicable
    Uninstall abrt-addon-ccpp Packagelow
    pass
    Uninstall abrt-addon-kerneloops Packagelow
    pass
    Uninstall abrt-cli Packagelow
    pass
    Uninstall abrt-plugin-sosreport Packagelow
    pass
    Uninstall gssproxy Packagemedium
    pass
    Uninstall iprutils Packagemedium
    pass
    Uninstall krb5-workstation Packagemedium
    notapplicable
    Uninstall libreport-plugin-logger Packagelow
    pass
    Uninstall libreport-plugin-rhtsupport Packagelow
    pass
    Uninstall python3-abrt-addon Packagelow
    pass
    Uninstall tuned Packagemedium
    pass
    Updating Software
    Ensure yum Removes Previous Package Versionslow
    notapplicable
    Ensure gpgcheck Enabled In Main yum Configurationhigh
    notapplicable
    Ensure gpgcheck Enabled for Local Packageshigh
    notapplicable
    Ensure gpgcheck Enabled for All yum Package Repositorieshigh
    pass
    Ensure Red Hat GPG Key Installedhigh
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20234954) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20234952) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20234877) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20234864) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20234706) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20234645) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20234643) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20234635) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20234570) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20234541) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20234539) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20234537) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20234536) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20234535) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20234531) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20234529) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20234527) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20234524) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20234523) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20234520) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20234517) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20234498) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20234497) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20234468) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20234419) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20234418) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20234328) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20234202) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20234176) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20234175) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20234159) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20234103) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20234102) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20234100) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20234076) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20234063) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20234059) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20234058) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20234035) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20234034) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20233949) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20233922) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20233847) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20233840) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20233839) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20233837) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20233827) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20233822) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20233821) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20233819) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20233811) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20233781) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20233780) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20233661) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20233594) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20233593) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20233591) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20233590) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20233588) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20233584) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20233582) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20233433) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20233425) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20233351) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20233350) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20233349) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20233319) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20233246) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20233221) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20233220) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20233109) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20233108) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20233107) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20233106) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20233104) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20233097) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20233095) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20233087) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20233083) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20233082) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20233068) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20233067) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20233042) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20233018) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20233002) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20233000) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20232987) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20232969) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20232963) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20232951) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20232948) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20232932) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20232903) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20232898) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20232893) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20232883) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20232873) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20232870) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20232867) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20232866) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20232863) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20232860) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20232859) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20232851) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20232834) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20232830) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20232810) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20232806) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20232805) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20232802) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20232801) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20232800) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20232792) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20232786) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20232785) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20232784) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20232780) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20232771) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20232764) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20232763) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20232758) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20232757) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20232736) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20232122) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20232076) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20231930) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20231919) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20231908) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20231898) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20231895) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20231802) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20231787) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20231743) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20231673) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20231659) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20231584) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20231583) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20231582) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20231576) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20231572) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20231569) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20231566) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20231551) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20231405) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20231403) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20231336) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20231252) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20231140) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20230902) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20230855) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20230854) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20230852) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20230848) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20230842) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20230839) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20230838) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20230837) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20230835) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20230833) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20230832) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20230821) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20230808) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20230662) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20230625) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20230610) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20230606) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20230463) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20230446) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20230379) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20230288) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20230284) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20230208) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20230200) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20230192) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20230173) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20230171) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20230128) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20230123) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20230116) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20230114) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20230113) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20230110) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20230103) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20230101) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20230100) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20230099) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20230096) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20230095) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20230089) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20230087) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20230079) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20230050) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20230049) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20230016) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20229074) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20229073) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20229067) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20229058) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20228833) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20228649) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20228638) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20228554) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20228547) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20228492) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20227928) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20227830) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20227826) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20227822) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20227821) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20227813) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20227811) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20227793) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20227790) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20227745) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20227730) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20227720) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20227715) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20227704) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20227700) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20227692) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20227683) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20227648) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20227647) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20227645) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20227643) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20227640) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20227639) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20227633) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20227628) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20227624) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20227623) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20227622) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20227618) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20227594) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20227593) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20227592) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20227585) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20227583) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20227581) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20227558) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20227548) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20227541) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20227529) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20227524) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20227519) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20227514) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20227482) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20227472) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20227470) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20227469) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20227464) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20227461) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20227458) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20227457) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20227447) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20227444) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20227192) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20227190) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20227137) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20227134) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20227133) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20227129) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20227128) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20227119) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20227111) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20227110) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20227108) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20227106) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20227105) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20227089) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20227070) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20227024) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20227023) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20227012) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20227006) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20227000) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20226964) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20226912) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20226911) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20226878) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20226820) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20226781) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20226778) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20226775) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20226735) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20226708) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20226702) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20226542) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20226540) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20226539) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20226523) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20226463) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20226460) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20226457) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20226450) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20226449) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20226448) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20226447) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20226443) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20226439) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20226437) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20226357) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20226314) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20226206) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20226180) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20226175) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20226164) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20226159) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20226158) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20226058) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20226057) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20225839) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20225837) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20225834) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20225826) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20225823) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20225821) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20225819) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20225818) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20225813) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20225809) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20225779) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20225777) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20225775) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20225774) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20225726) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20225717) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20225696) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20225683) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20225597) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20225565) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20225564) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20225526) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20225470) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20225469) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20225468) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20225467) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20225344) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20225338) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20225337) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20225331) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20225326) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20225319) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20225317) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20225316) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20225314) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20225313) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20225311) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20225219) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20225163) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20225095) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20225061) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20225056) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20225046) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20224991) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20224941) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20224887) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20224872) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20224855) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20224807) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20224805) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20224799) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20224798) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20224797) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20224796) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20224776) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20224769) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20224661) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20222234) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20222202) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20222201) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20222200) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20222199) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20222143) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20222129) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20222120) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20222110) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20222092) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20222081) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20222074) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20222043) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20222031) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20222013) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20222008) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20221991) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20221988) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20221986) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20221975) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20221968) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20221964) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20221961) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20221950) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20221939) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20221935) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20221934) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20221932) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20221930) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20221920) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20221917) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20221915) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20221898) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20221894) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20221891) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20221861) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20221860) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20221851) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20221842) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20221830) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20221823) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20221821) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20221820) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20221819) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20221814) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20221810) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20221808) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20221801) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20221797) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20221796) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20221793) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20221792) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20221781) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20221777) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20221766) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20221764) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20221763) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20221762) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20221759) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20221730) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20221705) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20221643) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20221642) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20221566) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20221565) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20221557) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20221556) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20221555) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20221552) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20221550) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20221546) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20221537) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20221535) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20221491) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20221445) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20221442) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20221301) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20221287) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20221065) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20221049) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20220970) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20220951) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20220899) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20220896) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20220894) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20220892) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20220891) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20220889) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20220886) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20220849) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20220845) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20220830) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20220827) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20220826) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20220825) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20220819) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20220818) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20220672) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20220658) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20220643) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20220545) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20220543) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20220535) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20220510) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20220496) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20220495) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20220441) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20220418) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20220370) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20220368) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20220366) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20220350) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20220345) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20220332) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20220323) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20220307) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20220290) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20220267) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20220258) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20220232) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20220199) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20220188) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20220185) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20220177) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20220176) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20220161) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20220130) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20220129) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20220001) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20215241) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20215238) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20215236) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20215235) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20215227) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20215226) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20215171) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20215160) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20215142) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20215082) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20215045) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20215013) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20214916) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20214903) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20214826) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20214743) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20214649) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20214647) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20214646) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20214645) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20214622) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20214595) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20214594) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20214593) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20214592) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20214591) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20214590) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20214587) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20214586) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20214585) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20214537) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20214526) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20214519) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20214517) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20214513) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20214511) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20214510) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20214489) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20214464) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20214455) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20214451) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20214432) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20214426) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20214424) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20214413) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20214409) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20214408) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20214404) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20214399) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20214396) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20214393) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20214387) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20214386) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20214385) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20214384) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20214382) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20214381) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20214374) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20214373) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20214368) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20214364) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20214361) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20214358) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20214356) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20214339) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20214326) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20214325) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20214324) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20214321) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20214319) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20214316) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20214315) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20214292) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20214288) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20214270) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20214257) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20214256) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20214251) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20214241) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20214236) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20214235) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20214231) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20214226) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20214222) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20214221) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20214213) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20214201) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20214198) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20214191) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20214181) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20214179) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20214173) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20214172) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20214162) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20214161) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20214160) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20214158) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20214156) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20214154) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20214153) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20214151) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20214150) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20214149) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20214142) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20214140) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20214139) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20214135) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20214130) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20214123) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20214122) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20214097) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20214089) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20214088) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20214060) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20214059) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20214058) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20214057) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20214056) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20214042) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20213945) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20213918) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20213893) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20213891) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20213838) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20213819) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20213816) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20213771) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20213755) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20213666) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20213623) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20213590) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20213585) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20213582) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20213576) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20213572) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20213548) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20213547) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20213499) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20213497) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20213492) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20213447) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20213440) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20213436) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20213253) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20213157) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20213155) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20213153) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20213152) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20213151) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20213148) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20213145) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20213142) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20213088) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20213081) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20213079) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20213076) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20213075) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20213074) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20213073) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20213066) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20213063) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20213061) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20213058) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20213057) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20213044) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20213027) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20213020) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20212988) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20212883) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20212781) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20212776) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20212743) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20212717) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20212716) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20212715) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20212714) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20212660) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20212599) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20212595) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20212591) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20212588) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20212587) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20212584) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20212583) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20212575) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20212574) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20212570) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20212569) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20212566) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20212563) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20212375) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20212372) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20212371) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20212370) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20212363) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20212361) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20212360) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20212359) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20212354) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20212353) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20212352) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20212308) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20212291) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20212290) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20212264) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20212259) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20212238) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20212235) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20212233) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20212170) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20212169) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20212168) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20212165) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20212037) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20212036) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20212034) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20211989) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20211983) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20211979) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20211972) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20211968) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20211935) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20211924) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20211898) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20211887) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20211881) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20211879) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20211859) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20211853) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20211852) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20211849) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20211846) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20211842) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20211811) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20211809) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20211804) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20211796) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20211791) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20211789) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20211783) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20211775) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20211762) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20211761) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20211758) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20211756) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20211752) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20211751) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20211746) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20211744) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20211739) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20211734) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20211723) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20211702) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20211686) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20211679) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20211678) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20211675) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20211647) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20211633) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20211631) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20211627) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20211620) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20211611) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20211610) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20211609) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20211608) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20211600) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20211598) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20211597) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20211593) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20211586) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20211585) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20211582) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20211581) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20211578) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20211574) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20211360) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20211353) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20211307) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20211301) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20211242) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20211206) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20211197) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20211193) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20211093) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20211086) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20211081) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20211068) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20211064) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20211024) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20210993) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20210990) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20210966) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20210809) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20210793) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20210790) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20210788) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20210744) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20210736) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20210735) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20210734) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20210711) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20210706) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20210705) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20210696) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20210670) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20210657) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20210655) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20210618) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20210611) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20210558) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20210557) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20210551) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20210549) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20210548) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20210538) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20210537) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20210531) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20210530) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20210507) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20210476) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20210474) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20210471) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20210304) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20210298) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20210288) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20210218) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20210150) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20210095) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20210094) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20210089) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20210052) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20210004) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20210003) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20205624) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20205620) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20205619) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20205567) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20205562) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20205506) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20205503) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20205500) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20205499) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20205495) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20205493) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20205487) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20205483) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20205480) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20205479) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20205476) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20205473) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20205401) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20205398) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20205393) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20205237) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20205236) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20205146) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20205100) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20205085) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20204952) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20204913) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20204847) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20204846) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20204844) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20204827) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20204820) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20204807) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20204806) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20204805) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20204799) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20204766) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20204763) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20204760) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20204756) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20204751) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20204743) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20204712) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20204709) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20204697) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20204694) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20204690) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20204689) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20204687) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20204686) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20204685) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20204682) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20204676) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20204670) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20204667) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20204659) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20204655) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20204654) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20204650) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20204649) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20204647) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20204643) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20204641) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20204638) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20204634) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20204629) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20204628) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20204627) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20204625) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20204619) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20204609) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20204605) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20204599) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20204568) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20204553) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20204547) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20204545) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20204542) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20204539) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20204514) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20204508) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20204500) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20204497) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20204490) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20204484) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20204483) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20204482) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20204481) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20204479) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20204469) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20204465) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20204464) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20204453) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20204451) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20204445) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20204444) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20204443) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20204442) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20204436) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20204433) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20204432) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20204431) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20204347) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20204331) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20204317) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20204305) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20204289) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20204286) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20204272) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20204186) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20204155) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20204059) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20203832) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20203732) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20203714) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20203713) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20203699) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20203669) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20203665) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20203662) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20203658) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20203654) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20203634) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20203623) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20203557) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20203422) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20203386) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20203385) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20203341) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20203280) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20203241) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20203219) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20203218) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20203216) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20203185) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20203176) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20203073) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20203053) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20203050) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20203038) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20203032) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20203016) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20203014) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20203011) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20203010) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20202972) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20202970) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20202954) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20202938) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20202902) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20202901) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20202897) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20202852) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20202848) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20202828) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20202774) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20202755) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20202641) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20202637) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20202614) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20202567) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20202550) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20202471) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20202462) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20202450) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20202431) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20202428) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20202427) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20202416) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20202407) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20202379) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20202338) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20202336) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20202250) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20202241) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20202171) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20202143) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20202125) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20202102) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20202070) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20202046) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20202041) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20202031) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20201998) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20201980) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20201933) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20201932) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20201931) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20201926) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20201921) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20201916) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20201913) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20201912) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20201880) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20201878) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20201864) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20201852) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20201845) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20201840) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20201828) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20201827) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20201810) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20201804) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20201797) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20201794) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20201792) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20201787) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20201769) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20201766) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20201765) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20201764) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20201735) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20201725) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20201716) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20201715) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20201712) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20201708) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20201702) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20201688) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20201686) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20201672) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20201665) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20201660) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20201659) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20201653) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20201650) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20201644) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20201636) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20201635) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20201631) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20201624) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20201616) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20201605) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20201604) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20201600) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20201598) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20201581) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20201577) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20201576) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20201567) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20201515) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20201514) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20201513) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20201497) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20201495) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20201406) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20201379) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20201378) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20201372) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20201360) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20201358) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20201341) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20201318) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20201317) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20201293) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20201288) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20200981) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20200920) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20200919) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20200903) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20200902) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20200820) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20200708) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20200633) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20200598) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20200580) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20200579) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20200577) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20200575) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20200570) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20200559) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20200512) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20200487) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20200465) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20200348) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20200339) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20200335) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20200329) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20200328) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20200279) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20200274) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20200273) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20200271) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20200202) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20200201) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20200130) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20200128) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20200127) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20200111) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20200046) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20194361) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20194360) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20194356) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20194273) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20194269) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20194245) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20194195) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20194114) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20194111) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20193951) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20193936) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20193890) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20193871) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20193870) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20193833) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20193832) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20193736) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20193735) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20193708) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20193707) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20193706) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20193705) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20193704) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20193703) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20193702) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20193701) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20193700) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20193699) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20193698) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20193694) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20193673) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20193651) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20193643) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20193624) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20193610) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20193600) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20193592) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20193590) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20193583) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20193582) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20193575) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20193553) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20193552) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20193530) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20193525) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20193520) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20193517) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20193513) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20193497) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20193494) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20193476) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20193467) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20193464) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20193436) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20193433) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20193421) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20193419) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20193403) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20193401) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20193391) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20193390) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20193387) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20193353) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20193352) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20193345) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20193338) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20193335) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20193309) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20193237) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20193196) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20193135) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20193134) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20192925) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20192893) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20192828) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20192827) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20192822) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20192799) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20192798) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20192774) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20192741) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20192731) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20192726) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20192722) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20192720) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20192713) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20192703) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20192692) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20192663) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20192593) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20192591) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20192590) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20192582) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20192512) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20192511) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20192465) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20192411) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20192405) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20192004) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20192002) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20191972) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20191971) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20191959) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20191951) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20191817) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20191816) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20191799) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20191771) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20191764) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20191714) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20191696) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20191623) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20191619) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20191580) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20191529) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20191527) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20191519) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20191518) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20191517) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20191480) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20191479) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20191308) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20191279) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20191269) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20191268) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20191259) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20191238) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20191175) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20191174) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20191167) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20191152) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20191146) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20191145) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20191144) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20191143) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20191142) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20190997) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20190990) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20190985) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20190984) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20190983) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20190981) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20190980) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20190975) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20190972) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20190971) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20190968) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20190966) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhea:def:20225139) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhea:def:20211906) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhea:def:20211580) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhea:def:20204505) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhea:def:20200343) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhea:def:20200330) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhea:def:20194262) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhea:def:20193845) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhba:def:20227667) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhba:def:20225747) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhba:def:20222065) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhba:def:20221386) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhba:def:20220348) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhba:def:20214438) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhba:def:20213054) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhba:def:20210621) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhba:def:20201628) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhba:def:20201376) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhba:def:20194268) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhba:def:20193674) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhba:def:20193621) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhba:def:20193416) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhba:def:20193408) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhba:def:20193384) medium
    pass
    Ensure Software Patches Installed (oval:com.redhat.rhba:def:20191992) medium
    pass
    Account and Access Control 4x fail 2x notchecked
    Warning Banners for System Accesses
    Enable GNOME3 Login Warning Bannermedium
    notapplicable
    Modify the System Login Bannermedium
    notapplicable
    Protect Accounts by Configuring PAM 1x fail
    Set Lockouts for Failed Password Attempts 1x fail
    Limit Password Reuse: password-authmedium
    notapplicable
    Limit Password Reuse: system-authmedium
    notapplicable
    Account Lockouts Must Be Loggedmedium
    fail
    Lock Accounts After Failed Password Attemptsmedium
    notapplicable
    Configure the root Account for Failed Password Attemptsmedium
    notapplicable
    Lock Accounts Must Persistmedium
    notapplicable
    Set Interval For Counting Failed Password Attemptsmedium
    notapplicable
    Do Not Show System Messages When Unsuccessful Logon Attempts Occurmedium
    notapplicable
    Set Lockout Time for Failed Password Attemptsmedium
    notapplicable
    Set Password Quality Requirements
    Set Password Quality Requirements with pam_pwquality
    Ensure PAM Enforces Password Requirements - Minimum Digit Charactersmedium
    notapplicable
    Ensure PAM Enforces Password Requirements - Prevent the Use of Dictionary Wordsmedium
    notapplicable
    Ensure PAM Enforces Password Requirements - Minimum Different Charactersmedium
    notapplicable
    Ensure PAM Enforces Password Requirements - Minimum Lowercase Charactersmedium
    notapplicable
    Ensure PAM Enforces Password Requirements - Maximum Consecutive Repeating Characters from Same Character Classmedium
    notapplicable
    Set Password Maximum Consecutive Repeating Charactersmedium
    notapplicable
    Ensure PAM Enforces Password Requirements - Minimum Different Categoriesmedium
    notapplicable
    Ensure PAM Enforces Password Requirements - Minimum Lengthmedium
    notapplicable
    Ensure PAM Enforces Password Requirements - Minimum Special Charactersmedium
    notapplicable
    Ensure PAM password complexity module is enabled in password-authmedium
    notapplicable
    Ensure PAM password complexity module is enabled in system-authmedium
    notapplicable
    Ensure PAM Enforces Password Requirements - Authentication Retry Prompts Permitted Per-Sessionmedium
    notapplicable
    Ensure PAM Enforces Password Requirements - Minimum Uppercase Charactersmedium
    notapplicable
    Set Password Hashing Algorithm
    Set Password Hashing Algorithm in /etc/login.defsmedium
    notapplicable
    Set PAM''s Password Hashing Algorithm - password-authmedium
    notapplicable
    Set PAM''s Password Hashing Algorithmmedium
    notapplicable
    Set Password Hashing Rounds in /etc/login.defsmedium
    pass
    Disallow Configuration to Bypass Password Requirements for Privilege Escalationmedium
    notapplicable
    Protect Physical Console Access
    Configure Screen Locking
    Configure Console Screen Locking
    Install the tmux Packagemedium
    notapplicable
    Support session locking with tmux (not enforcing)medium
    notapplicable
    Configure tmux to lock session after inactivitymedium
    notapplicable
    Configure the tmux Lock Commandmedium
    notapplicable
    Configure the tmux lock session key bindinglow
    notapplicable
    Prevent user from disabling the screen locklow
    notapplicable
    Install the opensc Package For Multifactor Authenticationmedium
    notapplicable
    Install Smart Card Packages For Multifactor Authenticationmedium
    notapplicable
    Disable debug-shell SystemD Servicemedium
    notapplicable
    Disable Ctrl-Alt-Del Burst Actionhigh
    notapplicable
    Disable Ctrl-Alt-Del Reboot Activationhigh
    notapplicable
    Configure Logind to terminate idle sessions after certain time of inactivitymedium
    notapplicable
    Require Authentication for Emergency Systemd Targetmedium
    notapplicable
    Require Authentication for Single User Modemedium
    notapplicable
    Protect Accounts by Restricting Password-Based Login 1x fail 1x notchecked
    Set Password Expiration Parameters
    Set Existing Passwords Maximum Agemedium
    pass
    Set Existing Passwords Minimum Agemedium
    pass
    Verify Proper Storage and Existence of Password Hashes
    Verify All Account Password Hashes are Shadowed with SHA512medium
    notapplicable
    Prevent Login to Accounts With Empty Passwordhigh
    notapplicable
    Ensure There Are No Accounts With Blank or Null Passwordshigh
    notapplicable
    Restrict Root Logins
    Verify Only Root Has UID 0high
    pass
    Only Authorized Local User Accounts Exist on Operating Systemmedium
    fail
    Secure Session Configuration Files for Login Accounts 1x fail 1x notchecked
    Ensure that Users Have Sensible Umask Values
    Ensure the Default Bash Umask is Set Correctlymedium
    pass
    Ensure the Default C Shell Umask is Set Correctlymedium
    pass
    Ensure the Default Umask is Set Correctly in /etc/profilemedium
    pass
    Ensure the Default Umask is Set Correctly For Interactive Usersmedium
    pass
    Ensure the Logon Failure Delay is Set Correctly in login.defsmedium
    notapplicable
    User Initialization Files Must Not Run World-Writable Programsmedium
    pass
    Ensure that Users Path Contains Only Local Directoriesmedium
    notchecked
    All Interactive Users Must Have A Home Directory Definedmedium
    pass
    All Interactive Users Home Directories Must Existmedium
    fail
    All User Files and Directories In The Home Directory Must Be Group-Owned By The Primary Groupmedium
    pass
    All User Files and Directories In The Home Directory Must Have Mode 0750 Or Less Permissivemedium
    pass
    All Interactive User Home Directories Must Be Group-Owned By The Primary Groupmedium
    pass
    Ensure All User Initialization Files Have Mode 0740 Or Less Permissivemedium
    pass
    All Interactive User Home Directories Must Have mode 0750 Or Less Permissivemedium
    pass
    Enable authselectmedium
    fail
    System Accounting with auditd
    Configure auditd Rules for Comprehensive Auditing
    Record Events that Modify the System's Discretionary Access Controls
    Record Events that Modify the System's Discretionary Access Controls - chmodmedium
    notapplicable
    Record Events that Modify the System's Discretionary Access Controls - chownmedium
    notapplicable
    Record Events that Modify the System's Discretionary Access Controls - fchmodmedium
    notapplicable
    Record Events that Modify the System's Discretionary Access Controls - fchmodatmedium
    notapplicable
    Record Events that Modify the System's Discretionary Access Controls - fchownmedium
    notapplicable
    Record Events that Modify the System's Discretionary Access Controls - fchownatmedium
    notapplicable
    Record Events that Modify the System's Discretionary Access Controls - fremovexattrmedium
    notapplicable
    Record Events that Modify the System's Discretionary Access Controls - fsetxattrmedium
    notapplicable
    Record Events that Modify the System's Discretionary Access Controls - lchownmedium
    notapplicable
    Record Events that Modify the System's Discretionary Access Controls - lremovexattrmedium
    notapplicable
    Record Events that Modify the System's Discretionary Access Controls - lsetxattrmedium
    notapplicable
    Record Events that Modify the System's Discretionary Access Controls - removexattrmedium
    notapplicable
    Record Events that Modify the System's Discretionary Access Controls - setxattrmedium
    notapplicable
    Record Execution Attempts to Run ACL Privileged Commands
    Record Any Attempts to Run chaclmedium
    notapplicable
    Record Any Attempts to Run setfaclmedium
    notapplicable
    Record Execution Attempts to Run SELinux Privileged Commands
    Record Any Attempts to Run chconmedium
    notapplicable
    Record Any Attempts to Run semanagemedium
    notapplicable
    Record Any Attempts to Run setfilesmedium
    notapplicable
    Record Any Attempts to Run setseboolmedium
    notapplicable
    Record File Deletion Events by User
    Ensure auditd Collects File Deletion Events by User - renamemedium
    notapplicable
    Ensure auditd Collects File Deletion Events by User - renameatmedium
    notapplicable
    Ensure auditd Collects File Deletion Events by User - rmdirmedium
    notapplicable
    Ensure auditd Collects File Deletion Events by User - unlinkatmedium
    notapplicable
    Record Unauthorized Access Attempts Events to Files (unsuccessful)
    Record Unsuccessful Access Attempts to Files - creatmedium
    notapplicable
    Record Unsuccessful Access Attempts to Files - ftruncatemedium
    notapplicable
    Record Unsuccessful Access Attempts to Files - openmedium
    notapplicable
    Record Unsuccessful Access Attempts to Files - open_by_handle_atmedium
    notapplicable
    Record Unsuccessful Access Attempts to Files - openatmedium
    notapplicable
    Record Unsuccessful Access Attempts to Files - truncatemedium
    notapplicable
    Record Information on Kernel Modules Loading and Unloading
    Ensure auditd Collects Information on Kernel Module Unloading - delete_modulemedium
    notapplicable
    Ensure auditd Collects Information on Kernel Module Loading and Unloading - finit_modulemedium
    notapplicable
    Ensure auditd Collects Information on Kernel Module Loading - init_modulemedium
    notapplicable
    Record Information on the Use of Privileged Commands
    Ensure auditd Collects Information on the Use of Privileged Commands - chagemedium
    notapplicable
    Ensure auditd Collects Information on the Use of Privileged Commands - chshmedium
    notapplicable
    Ensure auditd Collects Information on the Use of Privileged Commands - crontabmedium
    notapplicable
    Ensure auditd Collects Information on the Use of Privileged Commands - gpasswdmedium
    notapplicable
    Ensure auditd Collects Information on the Use of Privileged Commands - kmodmedium
    notapplicable
    Ensure auditd Collects Information on the Use of Privileged Commands - mountmedium
    notapplicable
    Ensure auditd Collects Information on the Use of Privileged Commands - newgrpmedium
    notapplicable
    Ensure auditd Collects Information on the Use of Privileged Commands - pam_timestamp_checkmedium
    notapplicable
    Ensure auditd Collects Information on the Use of Privileged Commands - passwdmedium
    notapplicable
    Ensure auditd Collects Information on the Use of Privileged Commands - postdropmedium
    notapplicable
    Ensure auditd Collects Information on the Use of Privileged Commands - postqueuemedium
    notapplicable
    Record Any Attempts to Run ssh-agentmedium
    notapplicable
    Ensure auditd Collects Information on the Use of Privileged Commands - ssh-keysignmedium
    notapplicable
    Ensure auditd Collects Information on the Use of Privileged Commands - sumedium
    notapplicable
    Ensure auditd Collects Information on the Use of Privileged Commands - sudomedium
    notapplicable
    Ensure auditd Collects Information on the Use of Privileged Commands - umountmedium
    notapplicable
    Ensure auditd Collects Information on the Use of Privileged Commands - unix_chkpwdmedium
    notapplicable
    Ensure auditd Collects Information on the Use of Privileged Commands - unix_updatemedium
    notapplicable
    Ensure auditd Collects Information on the Use of Privileged Commands - userhelpermedium
    notapplicable
    Ensure auditd Collects Information on the Use of Privileged Commands - usermodmedium
    notapplicable
    Make the auditd Configuration Immutablemedium
    notapplicable
    Ensure auditd Collects Information on Exporting to Media (successful)medium
    notapplicable
    Ensure auditd Collects System Administrator Actions - /etc/sudoersmedium
    notapplicable
    Ensure auditd Collects System Administrator Actions - /etc/sudoers.d/medium
    notapplicable
    Record Events When Privileged Executables Are Runmedium
    notapplicable
    Record Events that Modify User/Group Information - /etc/groupmedium
    notapplicable
    Record Events that Modify User/Group Information - /etc/gshadowmedium
    notapplicable
    Record Events that Modify User/Group Information - /etc/security/opasswdmedium
    notapplicable
    Record Events that Modify User/Group Information - /etc/passwdmedium
    notapplicable
    Record Events that Modify User/Group Information - /etc/shadowmedium
    notapplicable
    System Audit Directories Must Be Group Owned By Rootmedium
    notapplicable
    System Audit Directories Must Be Owned By Rootmedium
    notapplicable
    System Audit Logs Must Have Mode 0750 or Less Permissivemedium
    notapplicable
    System Audit Logs Must Be Group Owned By Rootmedium
    notapplicable
    System Audit Logs Must Be Owned By Rootmedium
    notapplicable
    System Audit Logs Must Have Mode 0640 or Less Permissivemedium
    notapplicable
    Configure auditd Data Retention
    Configure a Sufficiently Large Partition for Audit Logsmedium
    notapplicable
    Configure auditd Disk Error Action on Disk Errormedium
    notapplicable
    Configure auditd Disk Full Action when Disk Space Is Fullmedium
    notapplicable
    Configure auditd mail_acct Action on Low Disk Spacemedium
    notapplicable
    Configure auditd space_left Action on Low Disk Spacemedium
    notapplicable
    Configure auditd space_left on Low Disk Spacemedium
    notapplicable
    Include Local Events in Audit Logsmedium
    notapplicable
    Resolve information before writing to audit logslow
    notapplicable
    Set hostname as computer node name in audit logsmedium
    notapplicable
    Appropriate Action Must be Setup When the Internal Audit Event Queue is Fullmedium
    notapplicable
    Ensure the audit Subsystem is Installedmedium
    notapplicable
    Enable auditd Servicemedium
    notapplicable
    Enable Auditing for Processes Which Start Prior to the Audit Daemonlow
    notapplicable
    Extend Audit Backlog Limit for the Audit Daemonlow
    notapplicable
    GRUB2 bootloader configuration
    Non-UEFI GRUB2 bootloader configuration
    Set the Boot Loader Admin Username to a Non-Default Valuehigh
    notapplicable
    Set Boot Loader Password in grub2high
    notapplicable
    UEFI GRUB2 bootloader configuration
    Set the UEFI Boot Loader Admin Username to a Non-Default Valuemedium
    notapplicable
    Set the UEFI Boot Loader Passwordhigh
    notapplicable
    Enable Kernel Page-Table Isolation (KPTI)low
    notapplicable
    Disable vsyscallsmedium
    notapplicable
    Configure Syslog
    Ensure Proper Configuration of Log Files
    Ensure cron Is Logging To Rsyslogmedium
    notapplicable
    Ensure Rsyslog Authenticates Off-Loaded Audit Recordsmedium
    notapplicable
    Ensure Rsyslog Encrypts Off-Loaded Audit Recordsmedium
    notapplicable
    Ensure Rsyslog Encrypts Off-Loaded Audit Recordsmedium
    notapplicable
    Ensure remote access methods are monitored in Rsyslogmedium
    notapplicable
    Rsyslog Logs Sent To Remote Host
    Ensure Logs Sent To Remote Hostmedium
    notapplicable
    Ensure rsyslog-gnutls is installedmedium
    notapplicable
    Ensure rsyslog is Installedmedium
    notapplicable
    Enable rsyslog Servicemedium
    notapplicable
    Network Configuration and Firewalls 1x fail
    firewalld
    Inspect and Activate Default firewalld Rules
    Install firewalld Packagemedium
    notapplicable
    Verify firewalld Enabledmedium
    notapplicable
    Strengthen the Default Ruleset
    Configure the Firewalld Portsmedium
    notapplicable
    IPv6
    Configure IPv6 Settings if Necessary
    Configure Accepting Router Advertisements on All IPv6 Interfacesmedium
    notapplicable
    Disable Accepting ICMP Redirects for All IPv6 Interfacesmedium
    notapplicable
    Disable Kernel Parameter for Accepting Source-Routed Packets on all IPv6 Interfacesmedium
    notapplicable
    Disable Kernel Parameter for IPv6 Forwardingmedium
    notapplicable
    Disable Accepting Router Advertisements on all IPv6 Interfaces by Defaultmedium
    notapplicable
    Disable Kernel Parameter for Accepting ICMP Redirects by Default on IPv6 Interfacesmedium
    notapplicable
    Disable Kernel Parameter for Accepting Source-Routed Packets on IPv6 Interfaces by Defaultmedium
    notapplicable
    Kernel Parameters Which Affect Networking
    Network Related Kernel Runtime Parameters for Hosts and Routers
    Disable Accepting ICMP Redirects for All IPv4 Interfacesmedium
    notapplicable
    Disable Kernel Parameter for Accepting Source-Routed Packets on all IPv4 Interfacesmedium
    notapplicable
    Disable Kernel Parameter for IPv4 Forwarding on all IPv4 Interfacesmedium
    notapplicable
    Enable Kernel Parameter to Use Reverse Path Filtering on all IPv4 Interfacesmedium
    notapplicable
    Disable Kernel Parameter for Accepting ICMP Redirects by Default on IPv4 Interfacesmedium
    notapplicable
    Disable Kernel Parameter for Accepting Source-Routed Packets on IPv4 Interfaces by Defaultmedium
    notapplicable
    Enable Kernel Parameter to Ignore ICMP Broadcast Echo Requests on IPv4 Interfacesmedium
    notapplicable
    Network Parameters for Hosts Only
    Disable Kernel Parameter for Sending ICMP Redirects on all IPv4 Interfacesmedium
    notapplicable
    Disable Kernel Parameter for Sending ICMP Redirects on all IPv4 Interfaces by Defaultmedium
    notapplicable
    Uncommon Network Protocols
    Disable ATM Supportmedium
    notapplicable
    Disable CAN Supportmedium
    notapplicable
    Disable IEEE 1394 (FireWire) Supportlow
    notapplicable
    Disable SCTP Supportmedium
    notapplicable
    Disable TIPC Supportlow
    notapplicable
    Wireless Networking
    Disable Wireless Through Software Configuration
    Disable Bluetooth Kernel Modulemedium
    notapplicable
    Deactivate Wireless Network Interfacesmedium
    notapplicable
    Configure Multiple DNS Servers in /etc/resolv.confmedium
    fail
    Ensure System is Not Acting as a Network Sniffermedium
    notapplicable
    File Permissions and Masks
    Verify Permissions on Important Files and Directories
    Verify Permissions on Files within /var/log Directory
    Verify Group Who Owns /var/log Directorymedium
    pass
    Verify Group Who Owns /var/log/messages Filemedium
    pass
    Verify User Who Owns /var/log Directorymedium
    pass
    Verify User Who Owns /var/log/messages Filemedium
    pass
    Verify Permissions on /var/log Directorymedium
    pass
    Verify Permissions on /var/log/messages Filemedium
    pass
    Verify File Permissions Within Some Important Directories
    Verify that Shared Library Directories Have Root Group Ownershipmedium
    pass
    Verify that Shared Library Directories Have Root Ownershipmedium
    pass
    Verify that Shared Library Directories Have Restrictive Permissionsmedium
    pass
    Verify that system commands files are group owned by root or a system accountmedium
    pass
    Verify that System Executables Have Root Ownershipmedium
    pass
    Verify that Shared Library Files Have Root Ownershipmedium
    pass
    Verify that System Executables Have Restrictive Permissionsmedium
    pass
    Verify that Shared Library Files Have Restrictive Permissionsmedium
    pass
    Verify the system-wide library files in directories "/lib", "/lib64", "/usr/lib/" and "/usr/lib64" are group-owned by root.medium
    pass
    Ensure All World-Writable Directories Are Owned by root Usermedium
    pass
    Verify that All World-Writable Directories Have Sticky Bits Setmedium
    pass
    Ensure All World-Writable Directories Are Group Owned by a System Accountmedium
    pass
    Verify Permissions on /etc/audit/auditd.confmedium
    pass
    Verify Permissions on /etc/audit/rules.d/*.rulesmedium
    pass
    Ensure All Files Are Owned by a Groupmedium
    pass
    Ensure All Files Are Owned by a Usermedium
    notapplicable
    Restrict Dynamic Mounting and Unmounting of Filesystems
    Disable the Automountermedium
    notapplicable
    Disable Mounting of cramfslow
    notapplicable
    Disable Modprobe Loading of USB Storage Drivermedium
    notapplicable
    Restrict Partition Mount Options
    Add nosuid Option to /boot/efimedium
    notapplicable
    Add nosuid Option to /bootmedium
    notapplicable
    Add nodev Option to /dev/shmmedium
    notapplicable
    Add noexec Option to /dev/shmmedium
    notapplicable
    Add nosuid Option to /dev/shmmedium
    notapplicable
    Add noexec Option to /homemedium
    notapplicable
    Add nosuid Option to /homemedium
    notapplicable
    Add nodev Option to Non-Root Local Partitionsmedium
    notapplicable
    Add nodev Option to Removable Media Partitionsmedium
    notapplicable
    Add noexec Option to Removable Media Partitionsmedium
    notapplicable
    Add nosuid Option to Removable Media Partitionsmedium
    notapplicable
    Add nodev Option to /tmpmedium
    notapplicable
    Add noexec Option to /tmpmedium
    notapplicable
    Add nosuid Option to /tmpmedium
    notapplicable
    Add nodev Option to /var/log/auditmedium
    notapplicable
    Add noexec Option to /var/log/auditmedium
    notapplicable
    Add nosuid Option to /var/log/auditmedium
    notapplicable
    Add nodev Option to /var/logmedium
    notapplicable
    Add noexec Option to /var/logmedium
    notapplicable
    Add nosuid Option to /var/logmedium
    notapplicable
    Add nodev Option to /var/tmpmedium
    notapplicable
    Add noexec Option to /var/tmpmedium
    notapplicable
    Add nosuid Option to /var/tmpmedium
    notapplicable
    Restrict Programs from Dangerous Execution Patterns
    Disable Core Dumps
    Disable acquiring, saving, and processing core dumpsmedium
    notapplicable
    Disable core dump backtracesmedium
    notapplicable
    Disable storing core dumpmedium
    notapplicable
    Disable Core Dumps for All Usersmedium
    notapplicable
    Enable ExecShield
    Restrict Exposed Kernel Pointer Addresses Accessmedium
    notapplicable
    Enable Randomized Layout of Virtual Address Spacemedium
    notapplicable
    Enable Execute Disable (XD) or No Execute (NX) Support on x86 Systems
    Enable NX or XD Support in the BIOSmedium
    notapplicable
    Memory Poisoning
    Enable page allocator poisoningmedium
    notapplicable
    Enable SLUB/SLAB allocator poisoningmedium
    notapplicable
    Disable storing core dumpsmedium
    notapplicable
    Restrict Access to Kernel Message Bufferlow
    notapplicable
    Disable Kernel Image Loadingmedium
    notapplicable
    Disallow kernel profiling by unprivileged userslow
    notapplicable
    Disable Access to Network bpf() Syscall From Unprivileged Processesmedium
    notapplicable
    Restrict usage of ptrace to descendant processesmedium
    notapplicable
    Harden the operation of the BPF just-in-time compilermedium
    notapplicable
    Disable the use of user namespacesmedium
    notapplicable
    SELinux
    Install policycoreutils Packagelow
    notapplicable
    Configure SELinux Policymedium
    notapplicable
    Ensure SELinux State is Enforcinghigh
    notapplicable
    Services
    Base Services
    Uninstall Automatic Bug Reporting Tool (abrt)medium
    pass
    Disable KDump Kernel Crash Analyzer (kdump)medium
    notapplicable
    Application Whitelisting Daemon
    Install fapolicyd Packagemedium
    notapplicable
    Enable the File Access Policy Servicemedium
    notapplicable
    Configure Fapolicy Module to Employ a Deny-all, Permit-by-exception Policy to Allow the Execution of Authorized Software Programs.medium
    notapplicable
    FTP Server
    Disable vsftpd if Possible
    Uninstall vsftpd Packagehigh
    pass
    Kerberos
    Remove the Kerberos Server Packagemedium
    notapplicable
    Disable Kerberos by removing host keytabmedium
    notapplicable
    Mail Server Software
    Configure SMTP For Mail Clients
    Configure System to Forward All Mail From Postmaster to The Root Accountmedium
    notapplicable
    Configure Operating System to Protect Mail Server
    Configure Postfix if Necessary
    Control Mail Relaying
    Prevent Unrestricted Mail Relayingmedium
    notapplicable
    The mailx Package Is Installedmedium
    notapplicable
    The Postfix package is installedmedium
    notapplicable
    Uninstall Sendmail Packagemedium
    notapplicable
    NFS and RPC
    Configure NFS Clients
    Mount Remote Filesystems with Restrictive Options
    Mount Remote Filesystems with nodevmedium
    notapplicable
    Mount Remote Filesystems with noexecmedium
    notapplicable
    Mount Remote Filesystems with nosuidmedium
    notapplicable
    Network Time Protocol
    Disable chrony daemon from acting as serverlow
    notapplicable
    Disable network management of chrony daemonlow
    notapplicable
    Configure Time Service Maxpoll Intervalmedium
    notapplicable
    Ensure Chrony is only configured with the server directivemedium
    notapplicable
    Obsolete Services
    Rlogin, Rsh, and Rexec
    Uninstall rsh-server Packagehigh
    pass
    Remove Host-Based Authentication Fileshigh
    pass
    Remove User Host-Based Authentication Fileshigh
    pass
    Telnet
    Uninstall telnet-server Packagehigh
    pass
    TFTP Server
    Uninstall tftp-server Packagehigh
    pass
    Ensure tftp Daemon Uses Secure Modemedium
    notapplicable
    Hardware RNG Entropy Gatherer Daemon
    Enable the Hardware RNG Entropy Gatherer Servicelow
    notapplicable
    SSH Server
    Configure OpenSSH Client if Necessary
    Verify the SSH Private Key Files Have a Passcodemedium
    notapplicable
    Configure OpenSSH Server if Necessary
    Set SSH Client Alive Count Maxmedium
    notapplicable
    Disable SSH Access via Empty Passwordshigh
    notapplicable
    Disable GSSAPI Authenticationmedium
    notapplicable
    Disable Kerberos Authenticationmedium
    notapplicable
    Disable SSH Support for User Known Hostsmedium
    notapplicable
    Disable X11 Forwardingmedium
    notapplicable
    Do Not Allow SSH Environment Optionsmedium
    notapplicable
    Enable Use of Strict Mode Checkingmedium
    notapplicable
    Enable SSH Warning Bannermedium
    notapplicable
    Enable SSH Print Last Logmedium
    notapplicable
    Force frequent session key renegotiationmedium
    notapplicable
    Use Only FIPS 140-2 Validated Key Exchange Algorithmsmedium
    notapplicable
    SSH server uses strong entropy to seedlow
    notapplicable
    Prevent remote hosts from connecting to the proxy displaymedium
    notapplicable
    Install the OpenSSH Server Packagemedium
    notapplicable
    Enable the OpenSSH Servicemedium
    notapplicable
    Verify Permissions on SSH Server Private *_key Key Filesmedium
    notapplicable
    Verify Permissions on SSH Server Public *.pub Key Filesmedium
    notapplicable
    System Security Services Daemon
    Certificate status checking in SSSDmedium
    notapplicable
    Enable Certmap in SSSDmedium
    notapplicable
    Enable Smartcards in SSSDmedium
    notapplicable
    SSSD Has a Correct Trust Anchormedium
    notapplicable
    Configure SSSD to Expire Offline Credentialsmedium
    notapplicable
    USBGuard daemon
    Install usbguard Packagemedium
    notapplicable
    Enable the USBGuard Servicemedium
    notapplicable
    Log USBGuard daemon audit events using Linux Auditlow
    notapplicable
    Generate USBGuard Policymedium
    notapplicable
    X Window System
    Disable X Windows
    Disable graphical user interfacemedium
    pass
    Disable X Windows Startup By Setting Default Targetmedium
    notapplicable

    Result Details

    Install AIDExccdf_org.ssgproject.content_rule_package_aide_installed mediumCCE-80844-4

    Install AIDE

    Rule IDxccdf_org.ssgproject.content_rule_package_aide_installed
    Result
    notapplicable
    Multi-check ruleno
    Time2023-09-07T06:59:49+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80844-4

    References:  BP28(R51), 1, 11, 12, 13, 14, 15, 16, 2, 3, 5, 7, 8, 9, 5.10.1.3, APO01.06, BAI01.06, BAI02.01, BAI03.05, BAI06.01, BAI10.01, BAI10.02, BAI10.03, BAI10.05, DSS01.03, DSS03.05, DSS04.07, DSS05.02, DSS05.03, DSS05.05, DSS05.07, DSS06.02, DSS06.06, CCI-002696, CCI-002699, CCI-001744, 4.3.4.3.2, 4.3.4.3.3, 4.3.4.4.4, SR 3.1, SR 3.3, SR 3.4, SR 3.8, SR 4.1, SR 6.2, SR 7.6, 1034, 1288, 1341, 1417, A.11.2.4, A.12.1.2, A.12.2.1, A.12.4.1, A.12.5.1, A.12.6.2, A.14.1.2, A.14.1.3, A.14.2.2, A.14.2.3, A.14.2.4, A.14.2.7, A.15.2.1, A.8.2.3, CM-6(a), DE.CM-1, DE.CM-7, PR.DS-1, PR.DS-6, PR.DS-8, PR.IP-1, PR.IP-3, Req-11.5, 11.5.2, SRG-OS-000445-GPOS-00199, RHEL-08-010359, 1.3.1, SV-251710r880730_rule

    Description
    The aide package can be installed with the following command:
    $ sudo yum install aide
    Rationale
    The AIDE package must be installed if it is to be available for integrity checking.
    Build and Test AIDE Databasexccdf_org.ssgproject.content_rule_aide_build_database mediumCCE-80675-2

    Build and Test AIDE Database

    Rule IDxccdf_org.ssgproject.content_rule_aide_build_database
    Result
    notapplicable
    Multi-check ruleno
    Time2023-09-07T06:59:49+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80675-2

    References:  BP28(R51), 1, 11, 12, 13, 14, 15, 16, 2, 3, 5, 7, 8, 9, 5.10.1.3, APO01.06, BAI01.06, BAI02.01, BAI03.05, BAI06.01, BAI10.01, BAI10.02, BAI10.03, BAI10.05, DSS01.03, DSS03.05, DSS04.07, DSS05.02, DSS05.03, DSS05.05, DSS05.07, DSS06.02, DSS06.06, 4.3.4.3.2, 4.3.4.3.3, 4.3.4.4.4, SR 3.1, SR 3.3, SR 3.4, SR 3.8, SR 4.1, SR 6.2, SR 7.6, A.11.2.4, A.12.1.2, A.12.2.1, A.12.4.1, A.12.5.1, A.12.6.2, A.14.1.2, A.14.1.3, A.14.2.2, A.14.2.3, A.14.2.4, A.14.2.7, A.15.2.1, A.8.2.3, CM-6(a), DE.CM-1, DE.CM-7, PR.DS-1, PR.DS-6, PR.DS-8, PR.IP-1, PR.IP-3, Req-11.5, 11.5.2, SRG-OS-000445-GPOS-00199, RHEL-08-010359, 1.3.1, SV-251710r880730_rule

    Description
    Run the following command to generate a new database:
    $ sudo /usr/sbin/aide --init
    By default, the database will be written to the file /var/lib/aide/aide.db.new.gz. Storing the database, the configuration file /etc/aide.conf, and the binary /usr/sbin/aide (or hashes of these files), in a secure location (such as on read-only media) provides additional assurance about their integrity. The newly-generated database can be installed as follows:
    $ sudo cp /var/lib/aide/aide.db.new.gz /var/lib/aide/aide.db.gz
    To initiate a manual check, run the following command:
    $ sudo /usr/sbin/aide --check
    If this check produces any unexpected output, investigate.
    Rationale
    For AIDE to be effective, an initial database of "known-good" information about files must be captured and it should be able to be verified against the installed files.
    Configure AIDE to Verify the Audit Toolsxccdf_org.ssgproject.content_rule_aide_check_audit_tools mediumCCE-85964-5

    Configure AIDE to Verify the Audit Tools

    Rule IDxccdf_org.ssgproject.content_rule_aide_check_audit_tools
    Result
    notapplicable
    Multi-check ruleno
    Time2023-09-07T06:59:49+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-85964-5

    References:  CCI-001496, AU-9(3), AU-9(3).1, SRG-OS-000278-GPOS-00108, RHEL-08-030650, SV-230475r880722_rule

    Description
    The operating system file integrity tool must be configured to protect the integrity of the audit tools.
    Rationale
    Protecting the integrity of the tools used for auditing purposes is a critical step toward ensuring the integrity of audit information. Audit information includes all information (e.g., audit records, audit settings, and audit reports) needed to successfully audit information system activity. Audit tools include but are not limited to vendor-provided and open-source audit tools needed to successfully view and manipulate audit information system activity and records. Audit tools include custom queries and report generators. It is not uncommon for attackers to replace the audit tools or inject code into the existing tools to provide the capability to hide or erase system activity from the audit logs. To address this risk, audit tools must be cryptographically signed to provide the capability to identify when the audit tools have been modified, manipulated, or replaced. An example is a checksum hash of the file or files.
    Configure Notification of Post-AIDE Scan Detailsxccdf_org.ssgproject.content_rule_aide_scan_notification mediumCCE-82891-3

    Configure Notification of Post-AIDE Scan Details

    Rule IDxccdf_org.ssgproject.content_rule_aide_scan_notification
    Result
    notapplicable
    Multi-check ruleno
    Time2023-09-07T06:59:49+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-82891-3

    References:  BP28(R51), 1, 11, 12, 13, 15, 16, 2, 3, 5, 7, 8, 9, BAI01.06, BAI06.01, BAI10.01, BAI10.02, BAI10.03, BAI10.05, DSS01.03, DSS03.05, DSS05.02, DSS05.05, DSS05.07, CCI-001744, CCI-002699, CCI-002702, 4.3.4.3.2, 4.3.4.3.3, SR 6.2, SR 7.6, A.12.1.2, A.12.4.1, A.12.5.1, A.12.6.2, A.14.2.2, A.14.2.3, A.14.2.4, A.14.2.7, A.15.2.1, CM-6(a), CM-3(5), DE.CM-1, DE.CM-7, PR.IP-1, PR.IP-3, SRG-OS-000363-GPOS-00150, SRG-OS-000446-GPOS-00200, SRG-OS-000447-GPOS-00201, RHEL-08-010360, SV-230263r902716_rule

    Description
    AIDE should notify appropriate personnel of the details of a scan after the scan has been run. If AIDE has already been configured for periodic execution in /etc/crontab, append the following line to the existing AIDE line:
     | /bin/mail -s "$(hostname) - AIDE Integrity Check" root@localhost
    Otherwise, add the following line to /etc/crontab:
    05 4 * * * root /usr/sbin/aide --check | /bin/mail -s "$(hostname) - AIDE Integrity Check" root@localhost
    AIDE can be executed periodically through other means; this is merely one example.
    Rationale
    Unauthorized changes to the baseline configuration could make the system vulnerable to various attacks or allow unauthorized access to the operating system. Changes to operating system configurations can have unintended side effects, some of which may be relevant to security.

    Detecting such changes and providing an automated response can help avoid unintended, negative consequences that could ultimately affect the security state of the operating system. The operating system's Information Management Officer (IMO)/Information System Security Officer (ISSO) and System Administrators (SAs) must be notified via email and/or monitoring system trap when there is an unauthorized modification of a configuration item.
    Configure AIDE to Verify Access Control Lists (ACLs)xccdf_org.ssgproject.content_rule_aide_verify_acls lowCCE-84220-3

    Configure AIDE to Verify Access Control Lists (ACLs)

    Rule IDxccdf_org.ssgproject.content_rule_aide_verify_acls
    Result
    notapplicable
    Multi-check ruleno
    Time2023-09-07T06:59:49+00:00
    Severitylow
    Identifiers and References

    Identifiers:  CCE-84220-3

    References:  BP28(R51), 2, 3, APO01.06, BAI03.05, BAI06.01, DSS06.02, CCI-000366, 4.3.4.4.4, SR 3.1, SR 3.3, SR 3.4, SR 3.8, A.11.2.4, A.12.2.1, A.12.5.1, A.14.1.2, A.14.1.3, A.14.2.4, SI-7, SI-7(1), CM-6(a), PR.DS-6, PR.DS-8, SRG-OS-000480-GPOS-00227, RHEL-08-040310, SV-230552r880724_rule

    Description
    By default, the acl option is added to the FIPSR ruleset in AIDE. If using a custom ruleset or the acl option is missing, add acl to the appropriate ruleset. For example, add acl to the following line in /etc/aide.conf:
    FIPSR = p+i+n+u+g+s+m+c+acl+selinux+xattrs+sha256
    AIDE rules can be configured in multiple ways; this is merely one example that is already configured by default. The remediation provided with this rule adds acl to all rule sets available in /etc/aide.conf
    Rationale
    ACLs can provide permissions beyond those permitted through the file mode and must be verified by the file integrity tools.
    Configure AIDE to Verify Extended Attributesxccdf_org.ssgproject.content_rule_aide_verify_ext_attributes lowCCE-83733-6

    Configure AIDE to Verify Extended Attributes

    Rule IDxccdf_org.ssgproject.content_rule_aide_verify_ext_attributes
    Result
    notapplicable
    Multi-check ruleno
    Time2023-09-07T06:59:49+00:00
    Severitylow
    Identifiers and References

    Identifiers:  CCE-83733-6

    References:  BP28(R51), 2, 3, APO01.06, BAI03.05, BAI06.01, DSS06.02, CCI-000366, 4.3.4.4.4, SR 3.1, SR 3.3, SR 3.4, SR 3.8, A.11.2.4, A.12.2.1, A.12.5.1, A.14.1.2, A.14.1.3, A.14.2.4, SI-7, SI-7(1), CM-6(a), PR.DS-6, PR.DS-8, SRG-OS-000480-GPOS-00227, RHEL-08-040300, SV-230551r627750_rule

    Description
    By default, the xattrs option is added to the FIPSR ruleset in AIDE. If using a custom ruleset or the xattrs option is missing, add xattrs to the appropriate ruleset. For example, add xattrs to the following line in /etc/aide.conf:
    FIPSR = p+i+n+u+g+s+m+c+acl+selinux+xattrs+sha256
    AIDE rules can be configured in multiple ways; this is merely one example that is already configured by default. The remediation provided with this rule adds xattrs to all rule sets available in /etc/aide.conf
    Rationale
    Extended attributes in file systems are used to contain arbitrary data and file metadata with security implications.
    Audit Tools Must Be Group-owned by Rootxccdf_org.ssgproject.content_rule_file_audit_tools_group_ownership mediumCCE-86239-1

    Audit Tools Must Be Group-owned by Root

    Rule IDxccdf_org.ssgproject.content_rule_file_audit_tools_group_ownership
    Result
    notapplicable
    Multi-check ruleno
    Time2023-09-07T06:59:49+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-86239-1

    References:  CCI-001493, CCI-001494, CCI-001495, AU-9, SRG-OS-000256-GPOS-00097, SRG-OS-000257-GPOS-00098, SRG-OS-000258-GPOS-00099, RHEL-08-030640, SV-230474r627750_rule

    Description
    Red Hat Enterprise Linux 8 systems providing tools to interface with audit information will leverage user permissions and roles identifying the user accessing the tools, and the corresponding rights the user enjoys, to make access decisions regarding the access to audit tools. Audit tools include, but are not limited to, vendor-provided and open source audit tools needed to successfully view and manipulate audit information system activity and records. Audit tools include custom queries and report generators. Audit tools must have the correct group owner.
    Rationale
    Protecting audit information also includes identifying and protecting the tools used to view and manipulate log data. Therefore, protecting audit tools is necessary to prevent unauthorized operations on audit information.
    Audit Tools Must Be Owned by Rootxccdf_org.ssgproject.content_rule_file_audit_tools_ownership mediumCCE-86259-9

    Audit Tools Must Be Owned by Root

    Rule IDxccdf_org.ssgproject.content_rule_file_audit_tools_ownership
    Result
    notapplicable
    Multi-check ruleno
    Time2023-09-07T06:59:49+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-86259-9

    References:  CCI-001493, CCI-001494, CCI-001495, AU-9, SRG-OS-000256-GPOS-00097, SRG-OS-000257-GPOS-00098, SRG-OS-000258-GPOS-00099, RHEL-08-030630, SV-230473r744008_rule

    Description
    Red Hat Enterprise Linux 8 systems providing tools to interface with audit information will leverage user permissions and roles identifying the user accessing the tools, and the corresponding rights the user enjoys, to make access decisions regarding the access to audit tools. Audit tools include, but are not limited to, vendor-provided and open source audit tools needed to successfully view and manipulate audit information system activity and records. Audit tools include custom queries and report generators. Audit tools must have the correct owner.
    Rationale
    Protecting audit information also includes identifying and protecting the tools used to view and manipulate log data. Therefore, protecting audit tools is necessary to prevent unauthorized operations on audit information.
    Audit Tools Must Have a Mode of 0755 or Less Permissivexccdf_org.ssgproject.content_rule_file_audit_tools_permissions mediumCCE-86227-6

    Audit Tools Must Have a Mode of 0755 or Less Permissive

    Rule IDxccdf_org.ssgproject.content_rule_file_audit_tools_permissions
    Result
    notapplicable
    Multi-check ruleno
    Time2023-09-07T06:59:49+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-86227-6

    References:  CCI-001493, AU-9, SRG-OS-000256-GPOS-00097, SRG-OS-000257-GPOS-00098, SRG-OS-000258-GPOS-00099, RHEL-08-030620, SV-230472r627750_rule

    Description
    Red Hat Enterprise Linux 8 systems providing tools to interface with audit information will leverage user permissions and roles identifying the user accessing the tools, and the corresponding rights the user enjoys, to make access decisions regarding the access to audit tools. Audit tools include, but are not limited to, vendor-provided and open source audit tools needed to successfully view and manipulate audit information system activity and records. Audit tools include custom queries and report generators. Audit tools must have a mode of 0755 or less permissive.
    Rationale
    Protecting audit information also includes identifying and protecting the tools used to view and manipulate log data. Therefore, protecting audit tools is necessary to prevent unauthorized operations on audit information.
    Enable Dracut FIPS Modulexccdf_org.ssgproject.content_rule_enable_dracut_fips_module highCCE-82155-3

    Enable Dracut FIPS Module

    Rule IDxccdf_org.ssgproject.content_rule_enable_dracut_fips_module
    Result
    notapplicable
    Multi-check ruleno
    Time2023-09-07T06:59:49+00:00
    Severityhigh
    Identifiers and References

    Identifiers:  CCE-82155-3

    References:  CCI-000068, CCI-000803, CCI-002450, 1446, CIP-003-8 R4.2, CIP-007-3 R5.1, SC-12(2), SC-12(3), IA-7, SC-13, CM-6(a), SC-12, FCS_RBG_EXT.1, SRG-OS-000478-GPOS-00223, RHEL-08-010020, SV-230223r877398_rule

    Description
    To enable FIPS mode, run the following command:
    fips-mode-setup --enable
    To enable FIPS, the system requires that the fips module is added in dracut configuration. Check if /etc/dracut.conf.d/40-fips.conf contain add_dracutmodules+=" fips "
    Rationale
    Use of weak or untested encryption algorithms undermines the purposes of utilizing encryption to protect data. The operating system must implement cryptographic modules adhering to the higher standards approved by the federal government since this provides assurance they have been tested and validated.
    Warnings
    warning  The system needs to be rebooted for these changes to take effect.
    warning  System Crypto Modules must be provided by a vendor that undergoes FIPS-140 certifications. FIPS-140 is applicable to all Federal agencies that use cryptographic-based security systems to protect sensitive information in computer and telecommunication systems (including voice systems) as defined in Section 5131 of the Information Technology Management Reform Act of 1996, Public Law 104-106. This standard shall be used in designing and implementing cryptographic modules that Federal departments and agencies operate or are operated for them under contract. See https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.140-2.pdf To meet this, the system has to have cryptographic software provided by a vendor that has undergone this certification. This means providing documentation, test results, design information, and independent third party review by an accredited lab. While open source software is capable of meeting this, it does not meet FIPS-140 unless the vendor submits to this process.
    Enable FIPS Modexccdf_org.ssgproject.content_rule_enable_fips_mode highCCE-80942-6

    Enable FIPS Mode

    Rule IDxccdf_org.ssgproject.content_rule_enable_fips_mode
    Result
    notapplicable
    Multi-check ruleno
    Time2023-09-07T06:59:49+00:00
    Severityhigh
    Identifiers and References

    Identifiers:  CCE-80942-6

    References:  CCI-000068, CCI-000803, CCI-002450, 1446, CIP-003-8 R4.2, CIP-007-3 R5.1, CM-3(6), SC-12(2), SC-12(3), IA-7, SC-13, CM-6(a), SC-12, FCS_COP.1(1), FCS_COP.1(2), FCS_COP.1(3), FCS_COP.1(4), FCS_CKM.1, FCS_CKM.2, FCS_TLSC_EXT.1, FCS_RBG_EXT.1, SRG-OS-000478-GPOS-00223, SRG-OS-000396-GPOS-00176, RHEL-08-010020, SV-230223r877398_rule

    Description
    To enable FIPS mode, run the following command:
    fips-mode-setup --enable

    The fips-mode-setup command will configure the system in FIPS mode by automatically configuring the following:
    • Setting the kernel FIPS mode flag (/proc/sys/crypto/fips_enabled) to 1
    • Creating /etc/system-fips
    • Setting the system crypto policy in /etc/crypto-policies/config to FIPS
    • Loading the Dracut fips module
    Rationale
    Use of weak or untested encryption algorithms undermines the purposes of utilizing encryption to protect data. The operating system must implement cryptographic modules adhering to the higher standards approved by the federal government since this provides assurance they have been tested and validated.
    Warnings
    warning  The system needs to be rebooted for these changes to take effect.
    warning  This rule DOES NOT CHECK if the components of the operating system are FIPS certified. You can find the list of FIPS certified modules at https://csrc.nist.gov/projects/cryptographic-module-validation-program/validated-modules/search. This rule checks if the system is running in FIPS mode. See the rule description for more information about what it means.
    Set kernel parameter 'crypto.fips_enabled' to 1xccdf_org.ssgproject.content_rule_sysctl_crypto_fips_enabled highCCE-84027-2

    Set kernel parameter 'crypto.fips_enabled' to 1

    Rule IDxccdf_org.ssgproject.content_rule_sysctl_crypto_fips_enabled
    Result
    notapplicable
    Multi-check ruleno
    Time2023-09-07T06:59:49+00:00
    Severityhigh
    Identifiers and References

    Identifiers:  CCE-84027-2

    References:  CCI-000068, CCI-000803, CCI-000877, CCI-001453, CCI-002418, CCI-002450, CCI-002890, CCI-003123, CIP-003-8 R4.2, CIP-007-3 R5.1, SC-12(2), SC-12(3), IA-7, SC-13, CM-6(a), SC-12, SRG-OS-000033-GPOS-00014, SRG-OS-000125-GPOS-00065, SRG-OS-000250-GPOS-00093, SRG-OS-000393-GPOS-00173, SRG-OS-000394-GPOS-00174, SRG-OS-000396-GPOS-00176, SRG-OS-000423-GPOS-00187, SRG-OS-000478-GPOS-00223, RHEL-08-010020, SV-230223r877398_rule

    Description
    System running in FIPS mode is indicated by kernel parameter 'crypto.fips_enabled'. This parameter should be set to 1 in FIPS mode. To enable FIPS mode, run the following command:
    fips-mode-setup --enable
    To enable strict FIPS compliance, the fips=1 kernel option needs to be added to the kernel boot parameters during system installation so key generation is done with FIPS-approved algorithms and continuous monitoring tests in place.
    Rationale
    Use of weak or untested encryption algorithms undermines the purposes of utilizing encryption to protect data. The operating system must implement cryptographic modules adhering to the higher standards approved by the federal government since this provides assurance they have been tested and validated.
    Warnings
    warning  The system needs to be rebooted for these changes to take effect.
    warning  System Crypto Modules must be provided by a vendor that undergoes FIPS-140 certifications. FIPS-140 is applicable to all Federal agencies that use cryptographic-based security systems to protect sensitive information in computer and telecommunication systems (including voice systems) as defined in Section 5131 of the Information Technology Management Reform Act of 1996, Public Law 104-106. This standard shall be used in designing and implementing cryptographic modules that Federal departments and agencies operate or are operated for them under contract. See https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.140-2.pdf To meet this, the system has to have cryptographic software provided by a vendor that has undergone this certification. This means providing documentation, test results, design information, and independent third party review by an accredited lab. While open source software is capable of meeting this, it does not meet FIPS-140 unless the vendor submits to this process.
    Configure BIND to use System Crypto Policyxccdf_org.ssgproject.content_rule_configure_bind_crypto_policy highCCE-80934-3

    Configure BIND to use System Crypto Policy

    Rule IDxccdf_org.ssgproject.content_rule_configure_bind_crypto_policy
    Result
    pass
    Multi-check ruleno
    OVAL Definition IDoval:ssg-configure_bind_crypto_policy:def:1
    Time2023-09-07T06:59:49+00:00
    Severityhigh
    Identifiers and References

    Identifiers:  CCE-80934-3

    References:  CIP-003-8 R4.2, CIP-007-3 R5.1, SC-13, SC-12(2), SC-12(3), SRG-OS-000423-GPOS-00187, SRG-OS-000426-GPOS-00190, RHEL-08-010020, SV-230223r877398_rule

    Description
    Crypto Policies provide a centralized control over crypto algorithms usage of many packages. BIND is supported by crypto policy, but the BIND configuration may be set up to ignore it. To check that Crypto Policies settings are configured correctly, ensure that the /etc/named.conf includes the appropriate configuration: In the options section of /etc/named.conf, make sure that the following line is not commented out or superseded by later includes: include "/etc/crypto-policies/back-ends/bind.config";
    Rationale
    Overriding the system crypto policy makes the behavior of the BIND service violate expectations, and makes system configuration more fragmented.
    Configure System Cryptography Policyxccdf_org.ssgproject.content_rule_configure_crypto_policy highCCE-80935-0

    Configure System Cryptography Policy

    Rule IDxccdf_org.ssgproject.content_rule_configure_crypto_policy
    Result
    fail
    Multi-check ruleno
    OVAL Definition IDoval:ssg-configure_crypto_policy:def:1
    Time2023-09-07T06:59:49+00:00
    Severityhigh
    Identifiers and References

    Identifiers:  CCE-80935-0

    References:  164.308(a)(4)(i), 164.308(b)(1), 164.308(b)(3), 164.312(e)(1), 164.312(e)(2)(ii), 1446, CIP-003-8 R4.2, CIP-007-3 R5.1, CIP-007-3 R7.1, AC-17(a), AC-17(2), CM-6(a), MA-4(6), SC-13, SC-12(2), SC-12(3), FCS_COP.1(1), FCS_COP.1(2), FCS_COP.1(3), FCS_COP.1(4), FCS_CKM.1, FCS_CKM.2, FCS_TLSC_EXT.1, SRG-OS-000396-GPOS-00176, SRG-OS-000393-GPOS-00173, SRG-OS-000394-GPOS-00174, RHEL-08-010020, 1.10, 1.11, SV-230223r877398_rule

    Description
    To configure the system cryptography policy to use ciphers only from the FIPS policy, run the following command:
    $ sudo update-crypto-policies --set FIPS
    The rule checks if settings for selected crypto policy are configured as expected. Configuration files in the /etc/crypto-policies/back-ends are either symlinks to correct files provided by Crypto-policies package or they are regular files in case crypto policy customizations are applied. Crypto policies may be customized by crypto policy modules, in which case it is delimited from the base policy using a colon.
    Rationale
    Centralized cryptographic policies simplify applying secure ciphers across an operating system and the applications that run on that operating system. Use of weak or untested encryption algorithms undermines the purposes of utilizing encryption to protect data.
    Warnings
    warning  The system needs to be rebooted for these changes to take effect.
    warning  System Crypto Modules must be provided by a vendor that undergoes FIPS-140 certifications. FIPS-140 is applicable to all Federal agencies that use cryptographic-based security systems to protect sensitive information in computer and telecommunication systems (including voice systems) as defined in Section 5131 of the Information Technology Management Reform Act of 1996, Public Law 104-106. This standard shall be used in designing and implementing cryptographic modules that Federal departments and agencies operate or are operated for them under contract. See https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.140-2.pdf To meet this, the system has to have cryptographic software provided by a vendor that has undergone this certification. This means providing documentation, test results, design information, and independent third party review by an accredited lab. While open source software is capable of meeting this, it does not meet FIPS-140 unless the vendor submits to this process.

    
    var_system_crypto_policy='FIPS'
    
    
    stderr_of_call=$(update-crypto-policies --set ${var_system_crypto_policy} 2>&1 > /dev/null)
    rc=$?
    
    if test "$rc" = 127; then
    	echo "$stderr_of_call" >&2
    	echo "Make sure that the script is installed on the remediated system." >&2
    	echo "See output of the 'dnf provides update-crypto-policies' command" >&2
    	echo "to see what package to (re)install" >&2
    
    	false  # end with an error code
    elif test "$rc" != 0; then
    	echo "Error invoking the update-crypto-policies script: $stderr_of_call" >&2
    	false  # end with an error code
    fi
    

    Complexity:low
    Disruption:low
    Reboot:true
    Strategy:restrict
    ---
    apiVersion: machineconfiguration.openshift.io/v1
    kind: MachineConfig
    spec:
      config:
        ignition:
          version: 3.1.0
        systemd:
          units:
            - name: configure-crypto-policy.service
              enabled: true
              contents: |
                [Unit]
                Before=kubelet.service
                [Service]
                Type=oneshot
                ExecStart=update-crypto-policies --set {{.var_system_crypto_policy}}
                RemainAfterExit=yes
                [Install]
                WantedBy=multi-user.target
    

    Complexity:low
    Disruption:low
    Strategy:restrict
    - name: XCCDF Value var_system_crypto_policy # promote to variable
      set_fact:
        var_system_crypto_policy: !!str FIPS
      tags:
        - always
    
    - name: Configure System Cryptography Policy
      lineinfile:
        path: /etc/crypto-policies/config
        regexp: ^(?!#)(\S+)$
        line: '{{ var_system_crypto_policy }}'
        create: true
      tags:
      - CCE-80935-0
      - DISA-STIG-RHEL-08-010020
      - NIST-800-53-AC-17(2)
      - NIST-800-53-AC-17(a)
      - NIST-800-53-CM-6(a)
      - NIST-800-53-MA-4(6)
      - NIST-800-53-SC-12(2)
      - NIST-800-53-SC-12(3)
      - NIST-800-53-SC-13
      - configure_crypto_policy
      - high_severity
      - low_complexity
      - low_disruption
      - no_reboot_needed
      - restrict_strategy
    
    - name: Verify that Crypto Policy is Set (runtime)
      command: /usr/bin/update-crypto-policies --set {{ var_system_crypto_policy }}
      tags:
      - CCE-80935-0
      - DISA-STIG-RHEL-08-010020
      - NIST-800-53-AC-17(2)
      - NIST-800-53-AC-17(a)
      - NIST-800-53-CM-6(a)
      - NIST-800-53-MA-4(6)
      - NIST-800-53-SC-12(2)
      - NIST-800-53-SC-12(3)
      - NIST-800-53-SC-13
      - configure_crypto_policy
      - high_severity
      - low_complexity
      - low_disruption
      - no_reboot_needed
      - restrict_strategy
    
    Configure GnuTLS library to use DoD-approved TLS Encryptionxccdf_org.ssgproject.content_rule_configure_gnutls_tls_crypto_policy mediumCCE-84254-2

    Configure GnuTLS library to use DoD-approved TLS Encryption

    Rule IDxccdf_org.ssgproject.content_rule_configure_gnutls_tls_crypto_policy
    Result
    fail
    Multi-check ruleno
    OVAL Definition IDoval:ssg-configure_gnutls_tls_crypto_policy:def:1
    Time2023-09-07T06:59:49+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-84254-2

    References:  CCI-001453, AC-17(2), SRG-OS-000250-GPOS-00093, SRG-OS-000423-GPOS-00187, RHEL-08-010295, SV-230256r877394_rule

    Description
    Crypto Policies provide a centralized control over crypto algorithms usage of many packages. GnuTLS is supported by system crypto policy, but the GnuTLS configuration may be set up to ignore it. To check that Crypto Policies settings are configured correctly, ensure that /etc/crypto-policies/back-ends/gnutls.config contains the following line and is not commented out: +VERS-ALL:-VERS-DTLS0.9:-VERS-SSL3.0:-VERS-TLS1.0:-VERS-TLS1.1:-VERS-DTLS1.0
    Rationale
    Overriding the system crypto policy makes the behavior of the GnuTLS library violate expectations, and makes system configuration more fragmented.

    Complexity:low
    Disruption:low
    Reboot:true
    Strategy:restrict
    
    CONF_FILE=/etc/crypto-policies/back-ends/gnutls.config
    correct_value='+VERS-ALL:-VERS-DTLS0.9:-VERS-SSL3.0:-VERS-TLS1.0:-VERS-TLS1.1:-VERS-DTLS1.0'
    
    grep -q ${correct_value} ${CONF_FILE}
    
    if [[ $? -ne 0 ]]; then
        # We need to get the existing value, using PCRE to maintain same regex
        existing_value=$(grep -Po '(\+VERS-ALL(?::-VERS-[A-Z]+\d\.\d)+)' ${CONF_FILE})
    
        if [[ ! -z ${existing_value} ]]; then
            # replace existing_value with correct_value
            sed -i "s/${existing_value}/${correct_value}/g" ${CONF_FILE}
        else
            # ***NOTE*** #
            # This probably means this file is not here or it's been modified
            # unintentionally.
            # ********** #
            # echo correct_value to end
            echo ${correct_value} >> ${CONF_FILE}
        fi
    fi
    

    Complexity:low
    Disruption:low
    Reboot:true
    Strategy:restrict
    - name: 'Configure GnuTLS library to use DoD-approved TLS Encryption: set_fact'
      set_fact:
        path: /etc/crypto-policies/back-ends/gnutls.config
        correct_value: +VERS-ALL:-VERS-DTLS0.9:-VERS-SSL3.0:-VERS-TLS1.0:-VERS-TLS1.1:-VERS-DTLS1.0
        lineinfile_reg: \+VERS-ALL:-VERS-DTLS0\.9:-VERS-SSL3\.0:-VERS-TLS1\.0:-VERS-TLS1\.1:-VERS-DTLS1\.0
      tags:
      - CCE-84254-2
      - DISA-STIG-RHEL-08-010295
      - NIST-800-53-AC-17(2)
      - configure_gnutls_tls_crypto_policy
      - low_complexity
      - low_disruption
      - medium_severity
      - reboot_required
      - restrict_strategy
    
    - name: 'Configure GnuTLS library to use DoD-approved TLS Encryption: stat'
      stat:
        path: '{{ path }}'
        follow: true
      register: gnutls_file
      tags:
      - CCE-84254-2
      - DISA-STIG-RHEL-08-010295
      - NIST-800-53-AC-17(2)
      - configure_gnutls_tls_crypto_policy
      - low_complexity
      - low_disruption
      - medium_severity
      - reboot_required
      - restrict_strategy
    
    - name: 'Configure GnuTLS library to use DoD-approved TLS Encryption: Add'
      lineinfile:
        path: '{{ path }}'
        regexp: '{{ lineinfile_reg }}'
        line: '{{ correct_value }}'
        create: true
      when: not gnutls_file.stat.exists or gnutls_file.stat.size <= correct_value|length
      tags:
      - CCE-84254-2
      - DISA-STIG-RHEL-08-010295
      - NIST-800-53-AC-17(2)
      - configure_gnutls_tls_crypto_policy
      - low_complexity
      - low_disruption
      - medium_severity
      - reboot_required
      - restrict_strategy
    
    - name: Configure GnuTLS library to use DoD-approved TLS Encryption
      block:
    
      - name: 'Configure GnuTLS library to use DoD-approved TLS Encryption: Existing value
          check'
        lineinfile:
          path: '{{ path }}'
          create: false
          regexp: '{{ lineinfile_reg }}'
          state: absent
        check_mode: true
        changed_when: false
        register: gnutls
    
      - name: 'Configure GnuTLS library to use DoD-approved TLS Encryption: Update'
        replace:
          path: '{{ path }}'
          regexp: (\+VERS-ALL(?::-VERS-[A-Z]+\d\.\d)+)
          replace: '{{ correct_value }}'
        when: gnutls.found is defined and gnutls.found != 1
      when: gnutls_file.stat.exists and gnutls_file.stat.size > correct_value|length
      tags:
      - CCE-84254-2
      - DISA-STIG-RHEL-08-010295
      - NIST-800-53-AC-17(2)
      - configure_gnutls_tls_crypto_policy
      - low_complexity
      - low_disruption
      - medium_severity
      - reboot_required
      - restrict_strategy
    
    Configure Kerberos to use System Crypto Policyxccdf_org.ssgproject.content_rule_configure_kerberos_crypto_policy highCCE-80936-8

    Configure Kerberos to use System Crypto Policy

    Rule IDxccdf_org.ssgproject.content_rule_configure_kerberos_crypto_policy
    Result
    pass
    Multi-check ruleno
    OVAL Definition IDoval:ssg-configure_kerberos_crypto_policy:def:1
    Time2023-09-07T06:59:49+00:00
    Severityhigh
    Identifiers and References

    Identifiers:  CCE-80936-8

    References:  0418, 1055, 1402, CIP-003-8 R4.2, CIP-007-3 R5.1, SC-13, SC-12(2), SC-12(3), SRG-OS-000120-GPOS-00061, RHEL-08-010020, SV-230223r877398_rule

    Description
    Crypto Policies provide a centralized control over crypto algorithms usage of many packages. Kerberos is supported by crypto policy, but it's configuration may be set up to ignore it. To check that Crypto Policies settings for Kerberos are configured correctly, examine that there is a symlink at /etc/krb5.conf.d/crypto-policies targeting /etc/cypto-policies/back-ends/krb5.config. If the symlink exists, Kerberos is configured to use the system-wide crypto policy settings.
    Rationale
    Overriding the system crypto policy makes the behavior of Kerberos violate expectations, and makes system configuration more fragmented.
    Configure Libreswan to use System Crypto Policyxccdf_org.ssgproject.content_rule_configure_libreswan_crypto_policy highCCE-80937-6

    Configure Libreswan to use System Crypto Policy

    Rule IDxccdf_org.ssgproject.content_rule_configure_libreswan_crypto_policy
    Result
    pass
    Multi-check ruleno
    OVAL Definition IDoval:ssg-configure_libreswan_crypto_policy:def:1
    Time2023-09-07T06:59:49+00:00
    Severityhigh
    Identifiers and References

    Identifiers:  CCE-80937-6

    References:  CIP-003-8 R4.2, CIP-007-3 R5.1, CM-6(a), MA-4(6), SC-13, SC-12(2), SC-12(3), FCS_IPSEC_EXT.1.4, FCS_IPSEC_EXT.1.6, Req-2.2, 2.2, SRG-OS-000033-GPOS-00014, RHEL-08-010020, SV-230223r877398_rule

    Description
    Crypto Policies provide a centralized control over crypto algorithms usage of many packages. Libreswan is supported by system crypto policy, but the Libreswan configuration may be set up to ignore it. To check that Crypto Policies settings are configured correctly, ensure that the /etc/ipsec.conf includes the appropriate configuration file. In /etc/ipsec.conf, make sure that the following line is not commented out or superseded by later includes: include /etc/crypto-policies/back-ends/libreswan.config
    Rationale
    Overriding the system crypto policy makes the behavior of the Libreswan service violate expectations, and makes system configuration more fragmented.
    Configure OpenSSL library to use System Crypto Policyxccdf_org.ssgproject.content_rule_configure_openssl_crypto_policy mediumCCE-80938-4

    Configure OpenSSL library to use System Crypto Policy

    Rule IDxccdf_org.ssgproject.content_rule_configure_openssl_crypto_policy
    Result
    pass
    Multi-check ruleno
    OVAL Definition IDoval:ssg-configure_openssl_crypto_policy:def:1
    Time2023-09-07T06:59:49+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80938-4

    References:  CCI-001453, CIP-003-8 R4.2, CIP-007-3 R5.1, CIP-007-3 R7.1, AC-17(a), AC-17(2), CM-6(a), MA-4(6), SC-13, SC-12(2), SC-12(3), Req-2.2, 2.2, SRG-OS-000250-GPOS-00093, RHEL-08-010293, SV-230254r877394_rule

    Description
    Crypto Policies provide a centralized control over crypto algorithms usage of many packages. OpenSSL is supported by crypto policy, but the OpenSSL configuration may be set up to ignore it. To check that Crypto Policies settings are configured correctly, you have to examine the OpenSSL config file available under /etc/pki/tls/openssl.cnf. This file has the ini format, and it enables crypto policy support if there is a [ crypto_policy ] section that contains the .include /etc/crypto-policies/back-ends/opensslcnf.config directive.
    Rationale
    Overriding the system crypto policy makes the behavior of the Java runtime violates expectations, and makes system configuration more fragmented.
    Configure OpenSSL library to use TLS Encryptionxccdf_org.ssgproject.content_rule_configure_openssl_tls_crypto_policy mediumCCE-84255-9

    Configure OpenSSL library to use TLS Encryption

    Rule IDxccdf_org.ssgproject.content_rule_configure_openssl_tls_crypto_policy
    Result
    pass
    Multi-check ruleno
    OVAL Definition IDoval:ssg-configure_openssl_tls_crypto_policy:def:1
    Time2023-09-07T06:59:49+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-84255-9

    References:  CCI-001453, AC-17(2), SRG-OS-000125-GPOS-00065, SRG-OS-000250-GPOS-00093, SRG-OS-000393-GPOS-00173, SRG-OS-000394-GPOS-00174, RHEL-08-010294, SV-230255r877394_rule

    Description
    Crypto Policies are means of enforcing certain cryptographic settings for selected applications including OpenSSL. OpenSSL is by default configured to modify its configuration based on currently configured Crypto Policy. Editing the Crypto Policy back-end is not recommended. Check the crypto-policies(7) man page and choose a policy that configures TLS protocol to version 1.2 or higher, for example DEFAULT, FUTURE or FIPS policy. Or create and apply a custom policy that restricts minimum TLS version to 1.2. For example for versions prior to crypto-policies-20210617-1.gitc776d3e.el8.noarch this is expected:
    $ sudo grep -i MinProtocol /etc/crypto-policies/back-ends/opensslcnf.config
    
    MinProtocol = TLSv1.2
    
    Or for version crypto-policies-20210617-1.gitc776d3e.el8.noarch and newer this is expected:
    $ sudo grep -i MinProtocol /etc/crypto-policies/back-ends/opensslcnf.config
    
    TLS.MinProtocol = TLSv1.2
    DTLS.MinProtocol = DTLSv1.2
    Rationale
    Without cryptographic integrity protections, information can be altered by unauthorized users without detection.
    Warnings
    warning  This rule doesn't come with a remediation, automatically changing the crypto-policies may be too disruptive. Ensure the variable xccdf_org.ssgproject.content_value_var_system_crypto_policy is set to a Crypto Policy that satisfies OpenSSL minimum TLS protocol version 1.2. Custom policies may be applied too.
    Configure SSH to use System Crypto Policyxccdf_org.ssgproject.content_rule_configure_ssh_crypto_policy mediumCCE-80939-2

    Configure SSH to use System Crypto Policy

    Rule IDxccdf_org.ssgproject.content_rule_configure_ssh_crypto_policy
    Result
    pass
    Multi-check ruleno
    OVAL Definition IDoval:ssg-configure_ssh_crypto_policy:def:1
    Time2023-09-07T06:59:49+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80939-2

    References:  CCI-001453, 164.308(a)(4)(i), 164.308(b)(1), 164.308(b)(3), 164.312(e)(1), 164.312(e)(2)(ii), CIP-003-8 R4.2, CIP-007-3 R5.1, CIP-007-3 R7.1, AC-17(a), AC-17(2), CM-6(a), MA-4(6), SC-13, FCS_SSH_EXT.1, FCS_SSHS_EXT.1, FCS_SSHC_EXT.1, Req-2.2, 2.2, SRG-OS-000250-GPOS-00093, RHEL-08-010287, 5.2.14, SV-244526r877394_rule

    Description
    Crypto Policies provide a centralized control over crypto algorithms usage of many packages. SSH is supported by crypto policy, but the SSH configuration may be set up to ignore it. To check that Crypto Policies settings are configured correctly, ensure that the CRYPTO_POLICY variable is either commented or not set at all in the /etc/sysconfig/sshd.
    Rationale
    Overriding the system crypto policy makes the behavior of the SSH service violate expectations, and makes system configuration more fragmented.
    Configure SSH Client to Use FIPS 140-2 Validated Ciphers: openssh.configxccdf_org.ssgproject.content_rule_harden_sshd_ciphers_openssh_conf_crypto_policy highCCE-85902-5

    Configure SSH Client to Use FIPS 140-2 Validated Ciphers: openssh.config

    Rule IDxccdf_org.ssgproject.content_rule_harden_sshd_ciphers_openssh_conf_crypto_policy
    Result
    fail
    Multi-check ruleno
    OVAL Definition IDoval:ssg-harden_sshd_ciphers_openssh_conf_crypto_policy:def:1
    Time2023-09-07T06:59:49+00:00
    Severityhigh
    Identifiers and References

    Identifiers:  CCE-85902-5

    References:  CCI-000068, CCI-000877, CCI-001453, CCI-002418, CCI-002890, CCI-003123, AC-17(2), SRG-OS-000033-GPOS-00014, SRG-OS-000125-GPOS-00065, SRG-OS-000250-GPOS-00093, SRG-OS-000393-GPOS-00173, SRG-OS-000394-GPOS-00174, SRG-OS-000423-GPOS-00187, RHEL-08-010020, SV-230223r877398_rule

    Description
    Crypto Policies provide a centralized control over crypto algorithms usage of many packages. OpenSSH is supported by system crypto policy, but the OpenSSH configuration may be set up incorrectly. To check that Crypto Policies settings for ciphers are configured correctly, ensure that /etc/crypto-policies/back-ends/openssh.config contains the following line and is not commented out:
    Ciphers aes256-ctr,aes192-ctr,aes128-ctr
    Rationale
    Overriding the system crypto policy makes the behavior of the OpenSSH client violate expectations, and makes system configuration more fragmented. By specifying a cipher list with the order of ciphers being in a “strongest to weakest” orientation, the system will automatically attempt to use the strongest cipher for securing SSH connections.
    Warnings
    warning  The system needs to be rebooted for these changes to take effect.
    warning  System Crypto Modules must be provided by a vendor that undergoes FIPS-140 certifications. FIPS-140 is applicable to all Federal agencies that use cryptographic-based security systems to protect sensitive information in computer and telecommunication systems (including voice systems) as defined in Section 5131 of the Information Technology Management Reform Act of 1996, Public Law 104-106. This standard shall be used in designing and implementing cryptographic modules that Federal departments and agencies operate or are operated for them under contract. See https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.140-2.pdf To meet this, the system has to have cryptographic software provided by a vendor that has undergone this certification. This means providing documentation, test results, design information, and independent third party review by an accredited lab. While open source software is capable of meeting this, it does not meet FIPS-140 unless the vendor submits to this process.

    
    sshd_approved_ciphers='aes256-ctr,aes192-ctr,aes128-ctr'
    
    
    if [ -e "/etc/crypto-policies/back-ends/openssh.config" ] ; then
        
        LC_ALL=C sed -i "/^.*Ciphers\s\+/d" "/etc/crypto-policies/back-ends/openssh.config"
    else
        touch "/etc/crypto-policies/back-ends/openssh.config"
    fi
    # make sure file has newline at the end
    sed -i -e '$a\' "/etc/crypto-policies/back-ends/openssh.config"
    
    cp "/etc/crypto-policies/back-ends/openssh.config" "/etc/crypto-policies/back-ends/openssh.config.bak"
    # Insert at the end of the file
    printf '%s\n' "Ciphers ${sshd_approved_ciphers}" >> "/etc/crypto-policies/back-ends/openssh.config"
    # Clean up after ourselves.
    rm "/etc/crypto-policies/back-ends/openssh.config.bak"
    

    Complexity:low
    Disruption:low
    Reboot:true
    Strategy:restrict
    - name: XCCDF Value sshd_approved_ciphers # promote to variable
      set_fact:
        sshd_approved_ciphers: !!str aes256-ctr,aes192-ctr,aes128-ctr
      tags:
        - always
    
    - name: 'Configure SSH Daemon to Use FIPS 140-2 Validated Ciphers: openssh.config'
      block:
    
      - name: Check for duplicate values
        lineinfile:
          path: /etc/crypto-policies/back-ends/openssh.config
          create: false
          regexp: ^.*Ciphers\s+
          state: absent
        check_mode: true
        changed_when: false
        register: dupes
    
      - name: Deduplicate values from /etc/crypto-policies/back-ends/openssh.config
        lineinfile:
          path: /etc/crypto-policies/back-ends/openssh.config
          create: false
          regexp: ^.*Ciphers\s+
          state: absent
        when: dupes.found is defined and dupes.found > 1
    
      - name: Insert correct line to /etc/crypto-policies/back-ends/openssh.config
        lineinfile:
          path: /etc/crypto-policies/back-ends/openssh.config
          create: true
          regexp: ^.*Ciphers\s+
          line: Ciphers {{ sshd_approved_ciphers }}
          state: present
      tags:
      - CCE-85902-5
      - DISA-STIG-RHEL-08-010020
      - NIST-800-53-AC-17(2)
      - harden_sshd_ciphers_openssh_conf_crypto_policy
      - high_severity
      - low_complexity
      - low_disruption
      - reboot_required
      - restrict_strategy
    
    Configure SSH Server to Use FIPS 140-2 Validated Ciphers: opensshserver.configxccdf_org.ssgproject.content_rule_harden_sshd_ciphers_opensshserver_conf_crypto_policy mediumCCE-85897-7

    Configure SSH Server to Use FIPS 140-2 Validated Ciphers: opensshserver.config

    Rule IDxccdf_org.ssgproject.content_rule_harden_sshd_ciphers_opensshserver_conf_crypto_policy
    Result
    fail
    Multi-check ruleno
    OVAL Definition IDoval:ssg-harden_sshd_ciphers_opensshserver_conf_crypto_policy:def:1
    Time2023-09-07T06:59:49+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-85897-7

    References:  CCI-000877, CCI-001453, AC-17(2), SRG-OS-000125-GPOS-00065, SRG-OS-000250-GPOS-00093, RHEL-08-010291, SV-230252r917873_rule

    Description
    Crypto Policies provide a centralized control over crypto algorithms usage of many packages. OpenSSH is supported by system crypto policy, but the OpenSSH configuration may be set up incorrectly. To check that Crypto Policies settings for ciphers are configured correctly, ensure that /etc/crypto-policies/back-ends/opensshserver.config contains the following text and is not commented out:
    -oCiphers=aes256-ctr,aes192-ctr,aes128-ctr
    Rationale
    Overriding the system crypto policy makes the behavior of the OpenSSH server violate expectations, and makes system configuration more fragmented. By specifying a cipher list with the order of ciphers being in a “strongest to weakest” orientation, the system will automatically attempt to use the strongest cipher for securing SSH connections.
    Warnings
    warning  The system needs to be rebooted for these changes to take effect.
    warning  System Crypto Modules must be provided by a vendor that undergoes FIPS-140 certifications. FIPS-140 is applicable to all Federal agencies that use cryptographic-based security systems to protect sensitive information in computer and telecommunication systems (including voice systems) as defined in Section 5131 of the Information Technology Management Reform Act of 1996, Public Law 104-106. This standard shall be used in designing and implementing cryptographic modules that Federal departments and agencies operate or are operated for them under contract. See https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.140-2.pdf To meet this, the system has to have cryptographic software provided by a vendor that has undergone this certification. This means providing documentation, test results, design information, and independent third party review by an accredited lab. While open source software is capable of meeting this, it does not meet FIPS-140 unless the vendor submits to this process.

    
    sshd_approved_ciphers='aes256-ctr,aes192-ctr,aes128-ctr'
    
    
    CONF_FILE=/etc/crypto-policies/back-ends/opensshserver.config
    correct_value="-oCiphers=${sshd_approved_ciphers}"
    
    # Test if file exists
    test -f ${CONF_FILE} || touch ${CONF_FILE}
    
    # Ensure CRYPTO_POLICY is not commented out
    sed -i 's/#CRYPTO_POLICY=/CRYPTO_POLICY=/' ${CONF_FILE}
    
    grep -q "'${correct_value}'" ${CONF_FILE}
    
    if [[ $? -ne 0 ]]; then
        # We need to get the existing value, using PCRE to maintain same regex
        existing_value=$(grep -Po '(-oCiphers=\S+)' ${CONF_FILE})
    
        if [[ ! -z ${existing_value} ]]; then
            # replace existing_value with correct_value
            sed -i "s/${existing_value}/${correct_value}/g" ${CONF_FILE}
        else
            # ***NOTE*** #
            # This probably means this file is not here or it's been modified
            # unintentionally.
            # ********** #
            # echo correct_value to end
            echo "CRYPTO_POLICY='${correct_value}'" >> ${CONF_FILE}
        fi
    fi
    

    Complexity:low
    Disruption:low
    Reboot:true
    Strategy:restrict
    - name: XCCDF Value sshd_approved_ciphers # promote to variable
      set_fact:
        sshd_approved_ciphers: !!str aes256-ctr,aes192-ctr,aes128-ctr
      tags:
        - always
    
    - name: 'Configure SSH Server to Use FIPS 140-2 Validated Ciphers: opensshserver.config:
        Set facts'
      set_fact:
        path: /etc/crypto-policies/back-ends/opensshserver.config
        correct_value: -oCiphers={{ sshd_approved_ciphers }}
      tags:
      - CCE-85897-7
      - DISA-STIG-RHEL-08-010291
      - NIST-800-53-AC-17(2)
      - harden_sshd_ciphers_opensshserver_conf_crypto_policy
      - low_complexity
      - low_disruption
      - medium_severity
      - reboot_required
      - restrict_strategy
    
    - name: 'Configure SSH Server to Use FIPS 140-2 Validated Ciphers: opensshserver.config:
        Stat'
      stat:
        path: '{{ path }}'
        follow: true
      register: opensshserver_file
      tags:
      - CCE-85897-7
      - DISA-STIG-RHEL-08-010291
      - NIST-800-53-AC-17(2)
      - harden_sshd_ciphers_opensshserver_conf_crypto_policy
      - low_complexity
      - low_disruption
      - medium_severity
      - reboot_required
      - restrict_strategy
    
    - name: 'Configure SSH Server to Use FIPS 140-2 Validated Ciphers: opensshserver.config:
        Create'
      lineinfile:
        path: '{{ path }}'
        line: CRYPTO_POLICY='{{ correct_value }}'
        create: true
      when: not opensshserver_file.stat.exists or opensshserver_file.stat.size <= correct_value|length
      tags:
      - CCE-85897-7
      - DISA-STIG-RHEL-08-010291
      - NIST-800-53-AC-17(2)
      - harden_sshd_ciphers_opensshserver_conf_crypto_policy
      - low_complexity
      - low_disruption
      - medium_severity
      - reboot_required
      - restrict_strategy
    
    - name: 'Configure SSH Server to Use FIPS 140-2 Validated Ciphers: opensshserver.config'
      block:
    
      - name: Existing value check
        lineinfile:
          path: '{{ path }}'
          create: false
          regexp: '{{ correct_value }}'
          state: absent
        check_mode: true
        changed_when: false
        register: opensshserver
    
      - name: Update/Correct value
        replace:
          path: '{{ path }}'
          regexp: (-oCiphers=\S+)
          replace: '{{ correct_value }}'
        when: opensshserver.found is defined and opensshserver.found != 1
      when: opensshserver_file.stat.exists and opensshserver_file.stat.size > correct_value|length
      tags:
      - CCE-85897-7
      - DISA-STIG-RHEL-08-010291
      - NIST-800-53-AC-17(2)
      - harden_sshd_ciphers_opensshserver_conf_crypto_policy
      - low_complexity
      - low_disruption
      - medium_severity
      - reboot_required
      - restrict_strategy
    
    Configure SSH Client to Use FIPS 140-2 Validated MACs: openssh.configxccdf_org.ssgproject.content_rule_harden_sshd_macs_openssh_conf_crypto_policy mediumCCE-85870-4

    Configure SSH Client to Use FIPS 140-2 Validated MACs: openssh.config

    Rule IDxccdf_org.ssgproject.content_rule_harden_sshd_macs_openssh_conf_crypto_policy
    Result
    fail
    Multi-check ruleno
    OVAL Definition IDoval:ssg-harden_sshd_macs_openssh_conf_crypto_policy:def:1
    Time2023-09-07T06:59:49+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-85870-4

    References:  CCI-000877, CCI-001453, AC-17(2), SRG-OS-000125-GPOS-00065, SRG-OS-000250-GPOS-00093, RHEL-08-010020, SV-230223r877398_rule

    Description
    Crypto Policies provide a centralized control over crypto algorithms usage of many packages. OpenSSH is supported by system crypto policy, but the OpenSSH configuration may be set up incorrectly. To check that Crypto Policies settings are configured correctly, ensure that /etc/crypto-policies/back-ends/openssh.config contains the following line and is not commented out: MACs hmac-sha2-512,hmac-sha2-256
    Rationale
    Overriding the system crypto policy makes the behavior of the OpenSSH client violate expectations, and makes system configuration more fragmented.
    Warnings
    warning  The system needs to be rebooted for these changes to take effect.
    warning  System Crypto Modules must be provided by a vendor that undergoes FIPS-140 certifications. FIPS-140 is applicable to all Federal agencies that use cryptographic-based security systems to protect sensitive information in computer and telecommunication systems (including voice systems) as defined in Section 5131 of the Information Technology Management Reform Act of 1996, Public Law 104-106. This standard shall be used in designing and implementing cryptographic modules that Federal departments and agencies operate or are operated for them under contract. See https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.140-2.pdf To meet this, the system has to have cryptographic software provided by a vendor that has undergone this certification. This means providing documentation, test results, design information, and independent third party review by an accredited lab. While open source software is capable of meeting this, it does not meet FIPS-140 unless the vendor submits to this process.

    
    sshd_approved_macs='hmac-sha2-512,hmac-sha2-256,hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com'
    
    
    if [ -e "/etc/crypto-policies/back-ends/openssh.config" ] ; then
        
        LC_ALL=C sed -i "/^.*MACs\s\+/d" "/etc/crypto-policies/back-ends/openssh.config"
    else
        touch "/etc/crypto-policies/back-ends/openssh.config"
    fi
    # make sure file has newline at the end
    sed -i -e '$a\' "/etc/crypto-policies/back-ends/openssh.config"
    
    cp "/etc/crypto-policies/back-ends/openssh.config" "/etc/crypto-policies/back-ends/openssh.config.bak"
    # Insert at the end of the file
    printf '%s\n' "MACs ${sshd_approved_macs}" >> "/etc/crypto-policies/back-ends/openssh.config"
    # Clean up after ourselves.
    rm "/etc/crypto-policies/back-ends/openssh.config.bak"
    

    Complexity:low
    Disruption:low
    Reboot:true
    Strategy:restrict
    - name: XCCDF Value sshd_approved_macs # promote to variable
      set_fact:
        sshd_approved_macs: !!str hmac-sha2-512,hmac-sha2-256,hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com
      tags:
        - always
    
    - name: 'Configure SSH Daemon to Use FIPS 140-2 Validated MACs: openssh.config'
      block:
    
      - name: Check for duplicate values
        lineinfile:
          path: /etc/crypto-policies/back-ends/openssh.config
          create: false
          regexp: ^.*MACs\s+
          state: absent
        check_mode: true
        changed_when: false
        register: dupes
    
      - name: Deduplicate values from /etc/crypto-policies/back-ends/openssh.config
        lineinfile:
          path: /etc/crypto-policies/back-ends/openssh.config
          create: false
          regexp: ^.*MACs\s+
          state: absent
        when: dupes.found is defined and dupes.found > 1
    
      - name: Insert correct line to /etc/crypto-policies/back-ends/openssh.config
        lineinfile:
          path: /etc/crypto-policies/back-ends/openssh.config
          create: true
          regexp: ^.*MACs\s+
          line: MACs {{ sshd_approved_macs }}
          state: present
      tags:
      - CCE-85870-4
      - DISA-STIG-RHEL-08-010020
      - NIST-800-53-AC-17(2)
      - harden_sshd_macs_openssh_conf_crypto_policy
      - low_complexity
      - low_disruption
      - medium_severity
      - reboot_required
      - restrict_strategy
    
    Configure SSH Server to Use FIPS 140-2 Validated MACs: opensshserver.configxccdf_org.ssgproject.content_rule_harden_sshd_macs_opensshserver_conf_crypto_policy mediumCCE-85899-3

    Configure SSH Server to Use FIPS 140-2 Validated MACs: opensshserver.config

    Rule IDxccdf_org.ssgproject.content_rule_harden_sshd_macs_opensshserver_conf_crypto_policy
    Result
    fail
    Multi-check ruleno
    OVAL Definition IDoval:ssg-harden_sshd_macs_opensshserver_conf_crypto_policy:def:1
    Time2023-09-07T06:59:49+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-85899-3

    References:  CCI-000877, CCI-001453, AC-17(2), SRG-OS-000125-GPOS-00065, SRG-OS-000250-GPOS-00093, RHEL-08-010290, SV-230251r917870_rule

    Description
    Crypto Policies provide a centralized control over crypto algorithms usage of many packages. OpenSSH is supported by system crypto policy, but the OpenSSH configuration may be set up incorrectly. To check that Crypto Policies settings are configured correctly, ensure that /etc/crypto-policies/back-ends/opensshserver.config contains the following text and is not commented out: -oMACS=hmac-sha2-512,hmac-sha2-256,hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com
    Rationale
    Overriding the system crypto policy makes the behavior of the OpenSSH server violate expectations, and makes system configuration more fragmented.
    Warnings
    warning  The system needs to be rebooted for these changes to take effect.
    warning  System Crypto Modules must be provided by a vendor that undergoes FIPS-140 certifications. FIPS-140 is applicable to all Federal agencies that use cryptographic-based security systems to protect sensitive information in computer and telecommunication systems (including voice systems) as defined in Section 5131 of the Information Technology Management Reform Act of 1996, Public Law 104-106. This standard shall be used in designing and implementing cryptographic modules that Federal departments and agencies operate or are operated for them under contract. See https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.140-2.pdf To meet this, the system has to have cryptographic software provided by a vendor that has undergone this certification. This means providing documentation, test results, design information, and independent third party review by an accredited lab. While open source software is capable of meeting this, it does not meet FIPS-140 unless the vendor submits to this process.

    
    sshd_approved_macs='hmac-sha2-512,hmac-sha2-256,hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com'
    
    
    CONF_FILE=/etc/crypto-policies/back-ends/opensshserver.config
    correct_value="-oMACs=${sshd_approved_macs}"
    
    # Test if file exists
    test -f ${CONF_FILE} || touch ${CONF_FILE}
    
    # Ensure CRYPTO_POLICY is not commented out
    sed -i 's/#CRYPTO_POLICY=/CRYPTO_POLICY=/' ${CONF_FILE}
    
    grep -q "'${correct_value}'" ${CONF_FILE}
    
    if [[ $? -ne 0 ]]; then
        # We need to get the existing value, using PCRE to maintain same regex
        existing_value=$(grep -Po '(-oMACs=\S+)' ${CONF_FILE})
    
        if [[ ! -z ${existing_value} ]]; then
            # replace existing_value with correct_value
            sed -i "s/${existing_value}/${correct_value}/g" ${CONF_FILE}
        else
            # ***NOTE*** #
            # This probably means this file is not here or it's been modified
            # unintentionally.
            # ********** #
            # echo correct_value to end
            echo "CRYPTO_POLICY='${correct_value}'" >> ${CONF_FILE}
        fi
    fi
    

    Complexity:low
    Disruption:low
    Reboot:true
    Strategy:restrict
    - name: XCCDF Value sshd_approved_macs # promote to variable
      set_fact:
        sshd_approved_macs: !!str hmac-sha2-512,hmac-sha2-256,hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com
      tags:
        - always
    
    - name: 'Configure SSH Server to Use FIPS 140-2 Validated MACs: opensshserver.config:
        Set facts'
      set_fact:
        path: /etc/crypto-policies/back-ends/opensshserver.config
        correct_value: -oMACs={{ sshd_approved_macs }}
      tags:
      - CCE-85899-3
      - DISA-STIG-RHEL-08-010290
      - NIST-800-53-AC-17(2)
      - harden_sshd_macs_opensshserver_conf_crypto_policy
      - low_complexity
      - low_disruption
      - medium_severity
      - reboot_required
      - restrict_strategy
    
    - name: 'Configure SSH Server to Use FIPS 140-2 Validated MACs: opensshserver.config:
        Stat'
      stat:
        path: '{{ path }}'
        follow: true
      register: opensshserver_file
      tags:
      - CCE-85899-3
      - DISA-STIG-RHEL-08-010290
      - NIST-800-53-AC-17(2)
      - harden_sshd_macs_opensshserver_conf_crypto_policy
      - low_complexity
      - low_disruption
      - medium_severity
      - reboot_required
      - restrict_strategy
    
    - name: 'Configure SSH Server to Use FIPS 140-2 Validated MACs: opensshserver.config:
        Create'
      lineinfile:
        path: '{{ path }}'
        line: CRYPTO_POLICY='{{ correct_value }}'
        create: true
      when: not opensshserver_file.stat.exists or opensshserver_file.stat.size <= correct_value|length
      tags:
      - CCE-85899-3
      - DISA-STIG-RHEL-08-010290
      - NIST-800-53-AC-17(2)
      - harden_sshd_macs_opensshserver_conf_crypto_policy
      - low_complexity
      - low_disruption
      - medium_severity
      - reboot_required
      - restrict_strategy
    
    - name: 'Configure SSH Server to Use FIPS 140-2 Validated MACs: opensshserver.config'
      block:
    
      - name: Existing value check
        lineinfile:
          path: '{{ path }}'
          create: false
          regexp: '{{ correct_value }}'
          state: absent
        check_mode: true
        changed_when: false
        register: opensshserver
    
      - name: Update/Correct value
        replace:
          path: '{{ path }}'
          regexp: (-oMACs=\S+)
          replace: '{{ correct_value }}'
        when: opensshserver.found is defined and opensshserver.found != 1
      when: opensshserver_file.stat.exists and opensshserver_file.stat.size > correct_value|length
      tags:
      - CCE-85899-3
      - DISA-STIG-RHEL-08-010290
      - NIST-800-53-AC-17(2)
      - harden_sshd_macs_opensshserver_conf_crypto_policy
      - low_complexity
      - low_disruption
      - medium_severity
      - reboot_required
      - restrict_strategy
    
    The Installed Operating System Is Vendor Supportedxccdf_org.ssgproject.content_rule_installed_OS_is_vendor_supported highCCE-80947-5

    The Installed Operating System Is Vendor Supported

    Rule IDxccdf_org.ssgproject.content_rule_installed_OS_is_vendor_supported
    Result
    pass
    Multi-check ruleno
    OVAL Definition IDoval:ssg-installed_OS_is_vendor_supported:def:1
    Time2023-09-07T06:59:49+00:00
    Severityhigh
    Identifiers and References

    Identifiers:  CCE-80947-5

    References:  18, 20, 4, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, CM-6(a), MA-6, SA-13(a), ID.RA-1, PR.IP-12, SRG-OS-000480-GPOS-00227, RHEL-08-010000, SV-230221r858734_rule

    Description
    The installed operating system must be maintained by a vendor. Red Hat Enterprise Linux is supported by Red Hat, Inc. As the Red Hat Enterprise Linux vendor, Red Hat, Inc. is responsible for providing security patches.
    Rationale
    An operating system is considered "supported" if the vendor continues to provide security patches for the product. With an unsupported release, it will not be possible to resolve any security issue discovered in the system software.
    Warnings
    warning  There is no remediation besides switching to a different operating system.
    Install McAfee Endpoint Security for Linux (ENSL)xccdf_org.ssgproject.content_rule_package_mcafeetp_installed mediumCCE-86260-7

    Install McAfee Endpoint Security for Linux (ENSL)

    Rule IDxccdf_org.ssgproject.content_rule_package_mcafeetp_installed
    Result
    notapplicable
    Multi-check ruleno
    Time2023-09-07T06:59:49+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-86260-7

    References:  CCI-001263, CCI-000366, SI-2(2), SRG-OS-000191-GPOS-00080, RHEL-08-010001, SV-245540r754730_rule

    Description
    Install McAfee Endpoint Security for Linux antivirus software which is provided for DoD systems and uses signatures to search for the presence of viruses on the filesystem. The McAfeeTP package can be installed with the following command:
    $ sudo yum install McAfeeTP
    Rationale
    Virus scanning software can be used to detect if a system has been compromised by computer viruses, as well as to limit their spread to other systems.
    Warnings
    warning  Due to McAfee Endpoint Security for Linux (ENSL) being 3rd party software, automated remediation is not available for this configuration check.
    Ensure McAfee Endpoint Security for Linux (ENSL) is runningxccdf_org.ssgproject.content_rule_agent_mfetpd_running mediumCCE-86261-5

    Ensure McAfee Endpoint Security for Linux (ENSL) is running

    Rule IDxccdf_org.ssgproject.content_rule_agent_mfetpd_running
    Result
    notapplicable
    Multi-check ruleno
    Time2023-09-07T06:59:49+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-86261-5

    References:  CCI-001263, CCI-000366, SI-2(2), SRG-OS-000191-GPOS-00080, RHEL-08-010001, SV-245540r754730_rule

    Description
    Install McAfee Endpoint Security for Linux antivirus software which is provided for DoD systems and uses signatures to search for the presence of viruses on the filesystem.
    Rationale
    Virus scanning software can be used to detect if a system has been compromised by computer viruses, as well as to limit their spread to other systems.
    Warnings
    warning  Due to McAfee Endpoint Security for Linux (ENSL) being 3rd party software, automated remediation is not available for this configuration check.
    Encrypt Partitionsxccdf_org.ssgproject.content_rule_encrypt_partitions highCCE-80789-1

    Encrypt Partitions

    Rule IDxccdf_org.ssgproject.content_rule_encrypt_partitions
    Result
    notapplicable
    Multi-check ruleno
    Time2023-09-07T06:59:49+00:00
    Severityhigh
    Identifiers and References

    Identifiers:  CCE-80789-1

    References:  13, 14, APO01.06, BAI02.01, BAI06.01, DSS04.07, DSS05.03, DSS05.04, DSS05.07, DSS06.02, DSS06.06, 3.13.16, CCI-001199, CCI-002475, CCI-002476, 164.308(a)(1)(ii)(D), 164.308(b)(1), 164.310(d), 164.312(a)(1), 164.312(a)(2)(iii), 164.312(a)(2)(iv), 164.312(b), 164.312(c), 164.314(b)(2)(i), 164.312(d), SR 3.4, SR 4.1, SR 5.2, A.10.1.1, A.11.1.4, A.11.1.5, A.11.2.1, A.13.1.1, A.13.1.3, A.13.2.1, A.13.2.3, A.13.2.4, A.14.1.2, A.14.1.3, A.6.1.2, A.7.1.1, A.7.1.2, A.7.3.1, A.8.2.2, A.8.2.3, A.9.1.1, A.9.1.2, A.9.2.3, A.9.4.1, A.9.4.4, A.9.4.5, CIP-003-8 R4.2, CIP-007-3 R5.1, CM-6(a), SC-28, SC-28(1), SC-13, AU-9(3), PR.DS-1, PR.DS-5, SRG-OS-000405-GPOS-00184, SRG-OS-000185-GPOS-00079, SRG-OS-000404-GPOS-00183, RHEL-08-010030, SV-230224r917864_rule

    Description
    Red Hat Enterprise Linux 8 natively supports partition encryption through the Linux Unified Key Setup-on-disk-format (LUKS) technology. The easiest way to encrypt a partition is during installation time.

    For manual installations, select the Encrypt checkbox during partition creation to encrypt the partition. When this option is selected the system will prompt for a passphrase to use in decrypting the partition. The passphrase will subsequently need to be entered manually every time the system boots.

    For automated/unattended installations, it is possible to use Kickstart by adding the --encrypted and --passphrase= options to the definition of each partition to be encrypted. For example, the following line would encrypt the root partition:
    part / --fstype=ext4 --size=100 --onpart=hda1 --encrypted --passphrase=PASSPHRASE
    Any PASSPHRASE is stored in the Kickstart in plaintext, and the Kickstart must then be protected accordingly. Omitting the --passphrase= option from the partition definition will cause the installer to pause and interactively ask for the passphrase during installation.

    By default, the Anaconda installer uses aes-xts-plain64 cipher with a minimum 512 bit key size which should be compatible with FIPS enabled.

    Detailed information on encrypting partitions using LUKS or LUKS ciphers can be found on the Red Hat Enterprise Linux 8 Documentation web site:
    https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/security_hardening/encrypting-block-devices-using-luks_security-hardening .
    Rationale
    The risk of a system's physical compromise, particularly mobile systems such as laptops, places its data at risk of compromise. Encrypting this data mitigates the risk of its loss if the system is lost.
    Ensure /home Located On Separate Partitionxccdf_org.ssgproject.content_rule_partition_for_home lowCCE-81044-0

    Ensure /home Located On Separate Partition

    Rule IDxccdf_org.ssgproject.content_rule_partition_for_home
    Result
    notapplicable
    Multi-check ruleno
    Time2023-09-07T06:59:49+00:00
    Severitylow
    Identifiers and References

    Identifiers:  CCE-81044-0

    References:  BP28(R12), 12, 15, 8, APO13.01, DSS05.02, CCI-000366, CCI-001208, SR 3.1, SR 3.5, SR 3.8, SR 4.1, SR 4.3, SR 5.1, SR 5.2, SR 5.3, SR 7.1, SR 7.6, A.13.1.1, A.13.2.1, A.14.1.3, CM-6(a), SC-5(2), PR.PT-4, SRG-OS-000480-GPOS-00227, RHEL-08-010800, 1.1.7.1, SV-230328r902723_rule

    Description
    If user home directories will be stored locally, create a separate partition for /home at installation time (or migrate it later using LVM). If /home will be mounted from another system such as an NFS server, then creating a separate partition is not necessary at installation time, and the mountpoint can instead be configured later.
    Rationale
    Ensuring that /home is mounted on its own partition enables the setting of more restrictive mount options, and also helps ensure that users cannot trivially fill partitions used for log or audit data storage.
    Ensure /tmp Located On Separate Partitionxccdf_org.ssgproject.content_rule_partition_for_tmp lowCCE-80851-9

    Ensure /tmp Located On Separate Partition

    Rule IDxccdf_org.ssgproject.content_rule_partition_for_tmp
    Result
    notapplicable
    Multi-check ruleno
    Time2023-09-07T06:59:49+00:00
    Severitylow
    Identifiers and References

    Identifiers:  CCE-80851-9

    References:  BP28(R12), 12, 15, 8, APO13.01, DSS05.02, CCI-000366, SR 3.1, SR 3.5, SR 3.8, SR 4.1, SR 4.3, SR 5.1, SR 5.2, SR 5.3, SR 7.1, SR 7.6, A.13.1.1, A.13.2.1, A.14.1.3, CM-6(a), SC-5(2), PR.PT-4, SRG-OS-000480-GPOS-00227, RHEL-08-010543, 1.1.2.1, SV-230295r627750_rule

    Description
    The /tmp directory is a world-writable directory used for temporary file storage. Ensure it has its own partition or logical volume at installation time, or migrate it using LVM.
    Rationale
    The /tmp partition is used as temporary storage by many programs. Placing /tmp in its own partition enables the setting of more restrictive mount options, which can help protect programs which use it.
    Ensure /var Located On Separate Partitionxccdf_org.ssgproject.content_rule_partition_for_var lowCCE-80852-7

    Ensure /var Located On Separate Partition

    Rule IDxccdf_org.ssgproject.content_rule_partition_for_var
    Result
    notapplicable
    Multi-check ruleno
    Time2023-09-07T06:59:49+00:00
    Severitylow
    Identifiers and References

    Identifiers:  CCE-80852-7

    References:  BP28(R12), 12, 15, 8, APO13.01, DSS05.02, CCI-000366, SR 3.1, SR 3.5, SR 3.8, SR 4.1, SR 4.3, SR 5.1, SR 5.2, SR 5.3, SR 7.1, SR 7.6, A.13.1.1, A.13.2.1, A.14.1.3, CM-6(a), SC-5(2), PR.PT-4, SRG-OS-000480-GPOS-00227, RHEL-08-010540, 1.1.3.1, SV-230292r902718_rule

    Description
    The /var directory is used by daemons and other system services to store frequently-changing data. Ensure that /var has its own partition or logical volume at installation time, or migrate it using LVM.
    Rationale
    Ensuring that /var is mounted on its own partition enables the setting of more restrictive mount options. This helps protect system services such as daemons or other programs which use it. It is not uncommon for the /var directory to contain world-writable directories installed by other software packages.
    Ensure /var/log Located On Separate Partitionxccdf_org.ssgproject.content_rule_partition_for_var_log lowCCE-80853-5

    Ensure /var/log Located On Separate Partition

    Rule IDxccdf_org.ssgproject.content_rule_partition_for_var_log
    Result
    notapplicable
    Multi-check ruleno
    Time2023-09-07T06:59:49+00:00
    Severitylow
    Identifiers and References

    Identifiers:  CCE-80853-5

    References:  BP28(R12), BP28(R47), 1, 12, 14, 15, 16, 3, 5, 6, 8, APO11.04, APO13.01, BAI03.05, DSS05.02, DSS05.04, DSS05.07, MEA02.01, CCI-000366, 4.3.3.3.9, 4.3.3.5.8, 4.3.4.4.7, 4.4.2.1, 4.4.2.2, 4.4.2.4, SR 2.10, SR 2.11, SR 2.12, SR 2.8, SR 2.9, SR 3.1, SR 3.5, SR 3.8, SR 4.1, SR 4.3, SR 5.1, SR 5.2, SR 5.3, SR 7.1, SR 7.6, A.12.4.1, A.12.4.2, A.12.4.3, A.12.4.4, A.12.7.1, A.13.1.1, A.13.2.1, A.14.1.3, CIP-007-3 R6.5, CM-6(a), AU-4, SC-5(2), PR.PT-1, PR.PT-4, SRG-OS-000480-GPOS-00227, RHEL-08-010541, 1.1.5.1, SV-230293r902720_rule

    Description
    System logs are stored in the /var/log directory. Ensure that /var/log has its own partition or logical volume at installation time, or migrate it using LVM.
    Rationale
    Placing /var/log in its own partition enables better separation between log files and other files in /var/.
    Ensure /var/log/audit Located On Separate Partitionxccdf_org.ssgproject.content_rule_partition_for_var_log_audit lowCCE-80854-3

    Ensure /var/log/audit Located On Separate Partition

    Rule IDxccdf_org.ssgproject.content_rule_partition_for_var_log_audit
    Result
    notapplicable
    Multi-check ruleno
    Time2023-09-07T06:59:49+00:00
    Severitylow
    Identifiers and References

    Identifiers:  CCE-80854-3

    References:  BP28(R43), 1, 12, 13, 14, 15, 16, 2, 3, 5, 6, 8, APO11.04, APO13.01, BAI03.05, BAI04.04, DSS05.02, DSS05.04, DSS05.07, MEA02.01, CCI-000366, CCI-001849, 164.312(a)(2)(ii), 4.3.3.3.9, 4.3.3.5.8, 4.3.4.4.7, 4.4.2.1, 4.4.2.2, 4.4.2.4, SR 2.10, SR 2.11, SR 2.12, SR 2.8, SR 2.9, SR 3.1, SR 3.5, SR 3.8, SR 4.1, SR 4.3, SR 5.1, SR 5.2, SR 5.3, SR 7.1, SR 7.2, SR 7.6, A.12.1.3, A.12.4.1, A.12.4.2, A.12.4.3, A.12.4.4, A.12.7.1, A.13.1.1, A.13.2.1, A.14.1.3, A.17.2.1, CIP-007-3 R6.5, CM-6(a), AU-4, SC-5(2), PR.DS-4, PR.PT-1, PR.PT-4, FMT_SMF_EXT.1, SRG-OS-000341-GPOS-00132, SRG-OS-000480-GPOS-00227, RHEL-08-010542, 1.1.6.1, SV-230294r627750_rule

    Description
    Audit logs are stored in the /var/log/audit directory. Ensure that /var/log/audit has its own partition or logical volume at installation time, or migrate it using LVM. Make absolutely certain that it is large enough to store all audit logs that will be created by the auditing daemon.
    Rationale
    Placing /var/log/audit in its own partition enables better separation between audit files and other files, and helps ensure that auditing cannot be halted due to the partition running out of space.
    Ensure /var/tmp Located On Separate Partitionxccdf_org.ssgproject.content_rule_partition_for_var_tmp mediumCCE-82730-3

    Ensure /var/tmp Located On Separate Partition

    Rule IDxccdf_org.ssgproject.content_rule_partition_for_var_tmp
    Result
    notapplicable
    Multi-check ruleno
    Time2023-09-07T06:59:49+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-82730-3

    References:  BP28(R12), SRG-OS-000480-GPOS-00227, RHEL-08-010544, 1.1.4.1, SV-244529r902737_rule

    Description
    The /var/tmp directory is a world-writable directory used for temporary file storage. Ensure it has its own partition or logical volume at installation time, or migrate it using LVM.
    Rationale
    The /var/tmp partition is used as temporary storage by many programs. Placing /var/tmp in its own partition enables the setting of more restrictive mount options, which can help protect programs which use it.
    Disable the GNOME3 Login User Listxccdf_org.ssgproject.content_rule_dconf_gnome_disable_user_list mediumCCE-86195-5

    Disable the GNOME3 Login User List

    Rule IDxccdf_org.ssgproject.content_rule_dconf_gnome_disable_user_list
    Result
    notapplicable
    Multi-check ruleno
    Time2023-09-07T06:59:49+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-86195-5

    References:  CM-6(a), AC-23, SRG-OS-000480-GPOS-00227, RHEL-08-020032, 1.8.3, SV-244536r743857_rule

    Description
    In the default graphical environment, users logging directly into the system are greeted with a login screen that displays all known users. This functionality should be disabled by setting disable-user-list to true.

    To disable, add or edit disable-user-list to /etc/dconf/db/gdm.d/00-security-settings. For example:
    [org/gnome/login-screen]
    disable-user-list=true
    Once the setting has been added, add a lock to /etc/dconf/db/gdm.d/locks/00-security-settings-lock to prevent user modification. For example:
    /org/gnome/login-screen/disable-user-list
    After the settings have been set, run dconf update.
    Rationale
    Leaving the user list enabled is a security risk since it allows anyone with physical access to the system to quickly enumerate known user accounts without logging in.
    Enable the GNOME3 Screen Locking On Smartcard Removalxccdf_org.ssgproject.content_rule_dconf_gnome_lock_screen_on_smartcard_removal mediumCCE-83910-0

    Enable the GNOME3 Screen Locking On Smartcard Removal

    Rule IDxccdf_org.ssgproject.content_rule_dconf_gnome_lock_screen_on_smartcard_removal
    Result
    notapplicable
    Multi-check ruleno
    Time2023-09-07T06:59:49+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-83910-0

    References:  CCI-000056, CCI-000058, SRG-OS-000028-GPOS-00009, SRG-OS-000030-GPOS-00011, RHEL-08-020050, SV-230351r792899_rule

    Description
    In the default graphical environment, screen locking on smartcard removal can be enabled by setting removal-action to 'lock-screen'.

    To enable, add or edit removal-action to /etc/dconf/db/local.d/00-security-settings. For example:
    [org/gnome/settings-daemon/peripherals/smartcard]
    removal-action='lock-screen'
    Once the setting has been added, add a lock to /etc/dconf/db/local.d/locks/00-security-settings-lock to prevent user modification. For example:
    /org/gnome/settings-daemon/peripherals/smartcard/removal-action
    After the settings have been set, run dconf update.
    Rationale
    Locking the screen automatically when removing the smartcard can prevent undesired access to system.
    Set GNOME3 Screensaver Inactivity Timeoutxccdf_org.ssgproject.content_rule_dconf_gnome_screensaver_idle_delay mediumCCE-80775-0

    Set GNOME3 Screensaver Inactivity Timeout

    Rule IDxccdf_org.ssgproject.content_rule_dconf_gnome_screensaver_idle_delay
    Result
    notapplicable
    Multi-check ruleno
    Time2023-09-07T06:59:49+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80775-0

    References:  1, 12, 15, 16, 5.5.5, DSS05.04, DSS05.10, DSS06.10, 3.1.10, CCI-000057, CCI-000060, 4.3.3.6.1, 4.3.3.6.2, 4.3.3.6.3, 4.3.3.6.4, 4.3.3.6.5, 4.3.3.6.6, 4.3.3.6.7, 4.3.3.6.8, 4.3.3.6.9, SR 1.1, SR 1.10, SR 1.2, SR 1.5, SR 1.7, SR 1.8, SR 1.9, A.18.1.4, A.9.2.1, A.9.2.4, A.9.3.1, A.9.4.2, A.9.4.3, AC-11(a), CM-6(a), PR.AC-7, FMT_MOF_EXT.1, Req-8.1.8, 8.2.8, SRG-OS-000029-GPOS-00010, SRG-OS-000031-GPOS-00012, RHEL-08-020060, SV-230352r646876_rule

    Description
    The idle time-out value for inactivity in the GNOME3 desktop is configured via the idle-delay setting must be set under an appropriate configuration file(s) in the /etc/dconf/db/local.d directory and locked in /etc/dconf/db/local.d/locks directory to prevent user modification.

    For example, to configure the system for a 15 minute delay, add the following to /etc/dconf/db/local.d/00-security-settings:
    [org/gnome/desktop/session]
    idle-delay=uint32 900
    Rationale
    A session time-out lock is a temporary action taken when a user stops work and moves away from the immediate physical vicinity of the information system but does not logout because of the temporary nature of the absence. Rather than relying on the user to manually lock their operating system session prior to vacating the vicinity, GNOME3 can be configured to identify when a user's session has idled and take action to initiate a session lock.
    Set GNOME3 Screensaver Lock Delay After Activation Periodxccdf_org.ssgproject.content_rule_dconf_gnome_screensaver_lock_delay mediumCCE-80776-8

    Set GNOME3 Screensaver Lock Delay After Activation Period

    Rule IDxccdf_org.ssgproject.content_rule_dconf_gnome_screensaver_lock_delay
    Result
    notapplicable
    Multi-check ruleno
    Time2023-09-07T06:59:49+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80776-8

    References:  1, 12, 15, 16, DSS05.04, DSS05.10, DSS06.10, 3.1.10, CCI-000056, CCI-000057, CCI-000060, 4.3.3.6.1, 4.3.3.6.2, 4.3.3.6.3, 4.3.3.6.4, 4.3.3.6.5, 4.3.3.6.6, 4.3.3.6.7, 4.3.3.6.8, 4.3.3.6.9, SR 1.1, SR 1.10, SR 1.2, SR 1.5, SR 1.7, SR 1.8, SR 1.9, A.18.1.4, A.9.2.1, A.9.2.4, A.9.3.1, A.9.4.2, A.9.4.3, AC-11(a), CM-6(a), PR.AC-7, FMT_MOF_EXT.1, Req-8.1.8, SRG-OS-000029-GPOS-00010, SRG-OS-000031-GPOS-00012, RHEL-08-020031, SV-244535r743854_rule

    Description
    To activate the locking delay of the screensaver in the GNOME3 desktop when the screensaver is activated, add or set lock-delay to uint32 5 in /etc/dconf/db/local.d/00-security-settings. For example:
    [org/gnome/desktop/screensaver]
    lock-delay=uint32 5
    
    After the settings have been set, run dconf update.
    Rationale
    A session lock is a temporary action taken when a user stops work and moves away from the immediate physical vicinity of the information system but does not want to logout because of the temporary nature of the absense.
    Enable GNOME3 Screensaver Lock After Idle Periodxccdf_org.ssgproject.content_rule_dconf_gnome_screensaver_lock_enabled mediumCCE-80777-6

    Enable GNOME3 Screensaver Lock After Idle Period

    Rule IDxccdf_org.ssgproject.content_rule_dconf_gnome_screensaver_lock_enabled
    Result
    notapplicable
    Multi-check ruleno
    Time2023-09-07T06:59:49+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80777-6

    References:  1, 12, 15, 16, 5.5.5, DSS05.04, DSS05.10, DSS06.10, 3.1.10, CCI-000056, CCI-000058, CCI-000060, 4.3.3.6.1, 4.3.3.6.2, 4.3.3.6.3, 4.3.3.6.4, 4.3.3.6.5, 4.3.3.6.6, 4.3.3.6.7, 4.3.3.6.8, 4.3.3.6.9, SR 1.1, SR 1.10, SR 1.2, SR 1.5, SR 1.7, SR 1.8, SR 1.9, A.18.1.4, A.9.2.1, A.9.2.4, A.9.3.1, A.9.4.2, A.9.4.3, CM-6(a), PR.AC-7, FMT_MOF_EXT.1, Req-8.1.8, 8.2.8, SRG-OS-000028-GPOS-00009, SRG-OS-000030-GPOS-00011, RHEL-08-020030, SV-230347r627750_rule

    Description
    To activate locking of the screensaver in the GNOME3 desktop when it is activated, add or set lock-enabled to true in /etc/dconf/db/local.d/00-security-settings. For example:
    [org/gnome/desktop/screensaver]
    lock-enabled=true
    
    Once the settings have been added, add a lock to /etc/dconf/db/local.d/locks/00-security-settings-lock to prevent user modification. For example:
    /org/gnome/desktop/screensaver/lock-enabled
    After the settings have been set, run dconf update.
    Rationale
    A session lock is a temporary action taken when a user stops work and moves away from the immediate physical vicinity of the information system but does not want to logout because of the temporary nature of the absense.
    Ensure Users Cannot Change GNOME3 Screensaver Settingsxccdf_org.ssgproject.content_rule_dconf_gnome_screensaver_user_locks mediumCCE-80780-0

    Ensure Users Cannot Change GNOME3 Screensaver Settings

    Rule IDxccdf_org.ssgproject.content_rule_dconf_gnome_screensaver_user_locks
    Result
    notapplicable
    Multi-check ruleno
    Time2023-09-07T06:59:49+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80780-0

    References:  1, 12, 15, 16, DSS05.04, DSS05.10, DSS06.10, 3.1.10, CCI-000057, CCI-000060, 4.3.3.6.1, 4.3.3.6.2, 4.3.3.6.3, 4.3.3.6.4, 4.3.3.6.5, 4.3.3.6.6, 4.3.3.6.7, 4.3.3.6.8, 4.3.3.6.9, SR 1.1, SR 1.10, SR 1.2, SR 1.5, SR 1.7, SR 1.8, SR 1.9, A.18.1.4, A.9.2.1, A.9.2.4, A.9.3.1, A.9.4.2, A.9.4.3, CM-6(a), PR.AC-7, FMT_MOF_EXT.1, SRG-OS-000029-GPOS-00010, SRG-OS-000031-GPOS-00012, RHEL-08-020080, SV-230354r743990_rule

    Description
    If not already configured, ensure that users cannot change GNOME3 screensaver lock settings by adding /org/gnome/desktop/screensaver/lock-delay to /etc/dconf/db/local.d/locks/00-security-settings-lock to prevent user modification. For example:
    /org/gnome/desktop/screensaver/lock-delay
    After the settings have been set, run dconf update.
    Rationale
    A session time-out lock is a temporary action taken when a user stops work and moves away from the immediate physical vicinity of the information system but does not logout because of the temporary nature of the absence. Rather than relying on the user to manually lock their operating system session prior to vacating the vicinity, GNOME desktops can be configured to identify when a user's session has idled and take action to initiate the session lock. As such, users should not be allowed to change session settings.
    Ensure Users Cannot Change GNOME3 Session Idle Settingsxccdf_org.ssgproject.content_rule_dconf_gnome_session_idle_user_locks mediumCCE-80781-8

    Ensure Users Cannot Change GNOME3 Session Idle Settings

    Rule IDxccdf_org.ssgproject.content_rule_dconf_gnome_session_idle_user_locks
    Result
    notapplicable
    Multi-check ruleno
    Time2023-09-07T06:59:49+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80781-8

    References:  1, 12, 15, 16, DSS05.04, DSS05.10, DSS06.10, 3.1.10, CCI-000057, CCI-000060, 4.3.3.6.1, 4.3.3.6.2, 4.3.3.6.3, 4.3.3.6.4, 4.3.3.6.5, 4.3.3.6.6, 4.3.3.6.7, 4.3.3.6.8, 4.3.3.6.9, SR 1.1, SR 1.10, SR 1.2, SR 1.5, SR 1.7, SR 1.8, SR 1.9, A.18.1.4, A.9.2.1, A.9.2.4, A.9.3.1, A.9.4.2, A.9.4.3, CM-6(a), PR.AC-7, FMT_MOF_EXT.1, Req-8.1.8, 8.2.8, SRG-OS-000029-GPOS-00010, SRG-OS-000031-GPOS-00012, RHEL-08-020081, SV-244538r743863_rule

    Description
    If not already configured, ensure that users cannot change GNOME3 session idle settings by adding /org/gnome/desktop/session/idle-delay to /etc/dconf/db/local.d/locks/00-security-settings-lock to prevent user modification. For example:
    /org/gnome/desktop/session/idle-delay
    After the settings have been set, run dconf update.
    Rationale
    A session time-out lock is a temporary action taken when a user stops work and moves away from the immediate physical vicinity of the information system but does not logout because of the temporary nature of the absence. Rather than relying on the user to manually lock their operating system session prior to vacating the vicinity, GNOME desktops can be configured to identify when a user's session has idled and take action to initiate the session lock. As such, users should not be allowed to change session settings.
    Disable Ctrl-Alt-Del Reboot Key Sequence in GNOME3xccdf_org.ssgproject.content_rule_dconf_gnome_disable_ctrlaltdel_reboot highCCE-84028-0

    Disable Ctrl-Alt-Del Reboot Key Sequence in GNOME3

    Rule IDxccdf_org.ssgproject.content_rule_dconf_gnome_disable_ctrlaltdel_reboot
    Result
    notapplicable
    Multi-check ruleno
    Time2023-09-07T06:59:49+00:00
    Severityhigh
    Identifiers and References

    Identifiers:  CCE-84028-0

    References:  12, 13, 14, 15, 16, 18, 3, 5, APO01.06, DSS05.04, DSS05.07, DSS06.02, 3.1.2, CCI-000366, 4.3.3.7.3, SR 2.1, SR 5.2, A.10.1.1, A.11.1.4, A.11.1.5, A.11.2.1, A.13.1.1, A.13.1.3, A.13.2.1, A.13.2.3, A.13.2.4, A.14.1.2, A.14.1.3, A.6.1.2, A.7.1.1, A.7.1.2, A.7.3.1, A.8.2.2, A.8.2.3, A.9.1.1, A.9.1.2, A.9.2.3, A.9.4.1, A.9.4.4, A.9.4.5, CM-6(a), AC-6(1), CM-7(b), PR.AC-4, PR.DS-5, SRG-OS-000480-GPOS-00227, RHEL-08-040171, SV-230530r646883_rule

    Description
    By default, GNOME will reboot the system if the Ctrl-Alt-Del key sequence is pressed.

    To configure the system to ignore the Ctrl-Alt-Del key sequence from the Graphical User Interface (GUI) instead of rebooting the system, add or set logout to '' in /etc/dconf/db/local.d/00-security-settings. For example:
    [org/gnome/settings-daemon/plugins/media-keys]
    logout=''
    Once the settings have been added, add a lock to /etc/dconf/db/local.d/locks/00-security-settings-lock to prevent user modification. For example:
    /org/gnome/settings-daemon/plugins/media-keys/logout
    After the settings have been set, run dconf update.
    Rationale
    A locally logged-in user who presses Ctrl-Alt-Del, when at the console, can reboot the system. If accidentally pressed, as could happen in the case of mixed OS environment, this can create the risk of short-term loss of availability of systems due to unintentional reboot.
    Ensure Users Re-Authenticate for Privilege Escalation - sudo !authenticatexccdf_org.ssgproject.content_rule_sudo_remove_no_authenticate mediumCCE-82202-3

    Ensure Users Re-Authenticate for Privilege Escalation - sudo !authenticate

    Rule IDxccdf_org.ssgproject.content_rule_sudo_remove_no_authenticate
    Result
    pass
    Multi-check ruleno
    OVAL Definition IDoval:ssg-sudo_remove_no_authenticate:def:1
    Time2023-09-07T06:59:49+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-82202-3

    References:  BP28(R5), BP28(R59), 1, 12, 15, 16, 5, DSS05.04, DSS05.10, DSS06.03, DSS06.10, CCI-002038, 4.3.3.5.1, 4.3.3.6.1, 4.3.3.6.2, 4.3.3.6.3, 4.3.3.6.4, 4.3.3.6.5, 4.3.3.6.6, 4.3.3.6.7, 4.3.3.6.8, 4.3.3.6.9, SR 1.1, SR 1.10, SR 1.2, SR 1.3, SR 1.4, SR 1.5, SR 1.7, SR 1.8, SR 1.9, A.18.1.4, A.9.2.1, A.9.2.2, A.9.2.3, A.9.2.4, A.9.2.6, A.9.3.1, A.9.4.2, A.9.4.3, IA-11, CM-6(a), PR.AC-1, PR.AC-7, SRG-OS-000373-GPOS-00156, SRG-OS-000373-GPOS-00157, SRG-OS-000373-GPOS-00158, RHEL-08-010381, SV-230272r854027_rule

    Description
    The sudo !authenticate option, when specified, allows a user to execute commands using sudo without having to authenticate. This should be disabled by making sure that the !authenticate option does not exist in /etc/sudoers configuration file or any sudo configuration snippets in /etc/sudoers.d/.
    Rationale
    Without re-authentication, users may access resources or perform tasks for which they do not have authorization.

    When operating systems provide the capability to escalate a functional capability, it is critical that the user re-authenticate.
    Ensure Users Re-Authenticate for Privilege Escalation - sudo NOPASSWDxccdf_org.ssgproject.content_rule_sudo_remove_nopasswd mediumCCE-82197-5

    Ensure Users Re-Authenticate for Privilege Escalation - sudo NOPASSWD

    Rule IDxccdf_org.ssgproject.content_rule_sudo_remove_nopasswd
    Result
    pass
    Multi-check ruleno
    OVAL Definition IDoval:ssg-sudo_remove_nopasswd:def:1
    Time2023-09-07T06:59:49+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-82197-5

    References:  BP28(R5), BP28(R59), 1, 12, 15, 16, 5, DSS05.04, DSS05.10, DSS06.03, DSS06.10, CCI-002038, 4.3.3.5.1, 4.3.3.6.1, 4.3.3.6.2, 4.3.3.6.3, 4.3.3.6.4, 4.3.3.6.5, 4.3.3.6.6, 4.3.3.6.7, 4.3.3.6.8, 4.3.3.6.9, SR 1.1, SR 1.10, SR 1.2, SR 1.3, SR 1.4, SR 1.5, SR 1.7, SR 1.8, SR 1.9, A.18.1.4, A.9.2.1, A.9.2.2, A.9.2.3, A.9.2.4, A.9.2.6, A.9.3.1, A.9.4.2, A.9.4.3, IA-11, CM-6(a), PR.AC-1, PR.AC-7, SRG-OS-000373-GPOS-00156, SRG-OS-000373-GPOS-00157, SRG-OS-000373-GPOS-00158, RHEL-08-010380, SV-230271r854026_rule

    Description
    The sudo NOPASSWD tag, when specified, allows a user to execute commands using sudo without having to authenticate. This should be disabled by making sure that the NOPASSWD tag does not exist in /etc/sudoers configuration file or any sudo configuration snippets in /etc/sudoers.d/.
    Rationale
    Without re-authentication, users may access resources or perform tasks for which they do not have authorization.

    When operating systems provide the capability to escalate a functional capability, it is critical that the user re-authenticate.
    Warnings
    warning  This rule is disabled on Red Hat Virtualization Hosts and Managers, it will report not applicable. RHV requires to perform operations as root without being asked for password.
    Require Re-Authentication When Using the sudo Commandxccdf_org.ssgproject.content_rule_sudo_require_reauthentication mediumCCE-87838-9

    Require Re-Authentication When Using the sudo Command

    Rule IDxccdf_org.ssgproject.content_rule_sudo_require_reauthentication
    Result
    notapplicable
    Multi-check ruleno
    Time2023-09-07T06:59:49+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-87838-9

    References:  CCI-002038, IA-11, SRG-OS-000373-GPOS-00156, SRG-OS-000373-GPOS-00157, SRG-OS-000373-GPOS-00158, RHEL-08-010384, 5.3.5, 5.3.6, SV-237643r861088_rule

    Description
    The sudo timestamp_timeout tag sets the amount of time sudo password prompt waits. The default timestamp_timeout value is 5 minutes. The timestamp_timeout should be configured by making sure that the timestamp_timeout tag exists in /etc/sudoers configuration file or any sudo configuration snippets in /etc/sudoers.d/. If the value is set to an integer less than 0, the user's time stamp will not expire and the user will not have to re-authenticate for privileged actions until the user's session is terminated.
    Rationale
    Without re-authentication, users may access resources or perform tasks for which they do not have authorization.

    When operating systems provide the capability to escalate a functional capability, it is critical that the user re-authenticate.
    The operating system must restrict privilege elevation to authorized personnelxccdf_org.ssgproject.content_rule_sudo_restrict_privilege_elevation_to_authorized mediumCCE-83425-9

    The operating system must restrict privilege elevation to authorized personnel

    Rule IDxccdf_org.ssgproject.content_rule_sudo_restrict_privilege_elevation_to_authorized
    Result
    notapplicable
    Multi-check ruleno
    Time2023-09-07T06:59:49+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-83425-9

    References:  CCI-000366, CM-6(b), CM-6(iv), SRG-OS-000480-GPOS-00227, RHEL-08-010382, SV-237641r646893_rule

    Description
    The sudo command allows a user to execute programs with elevated (administrator) privileges. It prompts the user for their password and confirms your request to execute a command by checking a file, called sudoers. Restrict privileged actions by removing the following entries from the sudoers file: ALL ALL=(ALL) ALL ALL ALL=(ALL:ALL) ALL
    Rationale
    If the "sudoers" file is not configured correctly, any user defined on the system can initiate privileged actions on the target system.
    Warnings
    warning  This rule doesn't come with a remediation, as the exact requirement allows exceptions, and removing lines from the sudoers file can make the system non-administrable.
    Ensure sudo only includes the default configuration directoryxccdf_org.ssgproject.content_rule_sudoers_default_includedir mediumCCE-86377-9

    Ensure sudo only includes the default configuration directory

    Rule IDxccdf_org.ssgproject.content_rule_sudoers_default_includedir
    Result
    pass
    Multi-check ruleno
    OVAL Definition IDoval:ssg-sudoers_default_includedir:def:1
    Time2023-09-07T06:59:49+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-86377-9

    References:  CCI-000366, SRG-OS-000480-GPOS-00227, RHEL-08-010379, SV-251711r833385_rule

    Description
    Administrators can configure authorized sudo users via drop-in files, and it is possible to include other directories and configuration files from the file currently being parsed. Make sure that /etc/sudoers only includes drop-in configuration files from /etc/sudoers.d, or that no drop-in file is included. Either the /etc/sudoers should contain only one #includedir directive pointing to /etc/sudoers.d, and no file in /etc/sudoers.d/ should include other files or directories; Or the /etc/sudoers should not contain any #include, @include, #includedir or @includedir directives. Note that the '#' character doesn't denote a comment in the configuration file.
    Rationale
    Some sudo configurtion options allow users to run programs without re-authenticating. Use of these configuration options makes it easier for one compromised accound to be used to compromise other accounts.
    Ensure invoking users password for privilege escalation when using sudoxccdf_org.ssgproject.content_rule_sudoers_validate_passwd mediumCCE-83422-6

    Ensure invoking users password for privilege escalation when using sudo

    Rule IDxccdf_org.ssgproject.content_rule_sudoers_validate_passwd
    Result
    notapplicable
    Multi-check ruleno
    Time2023-09-07T06:59:49+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-83422-6

    References:  CCI-000366, CCI-002227, CM-6(b), CM-6.1(iv), SRG-OS-000480-GPOS-00227, RHEL-08-010383, SV-237642r880727_rule

    Description
    The sudoers security policy requires that users authenticate themselves before they can use sudo. When sudoers requires authentication, it validates the invoking user's credentials. The expected output for:
     sudo cvtsudoers -f sudoers /etc/sudoers | grep -E '^Defaults !?(rootpw|targetpw|runaspw)$' 
     Defaults !targetpw
          Defaults !rootpw
          Defaults !runaspw 
    or if cvtsudoers not supported:
     sudo find /etc/sudoers /etc/sudoers.d \( \! -name '*~' -a \! -name '*.*' \) -exec grep -E --with-filename '^[[:blank:]]*Defaults[[:blank:]](.*[[:blank:]])?!?\b(rootpw|targetpw|runaspw)' -- {} \; 
     /etc/sudoers:Defaults !targetpw
          /etc/sudoers:Defaults !rootpw
          /etc/sudoers:Defaults !runaspw 
    Rationale
    If the rootpw, targetpw, or runaspw flags are defined and not disabled, by default the operating system will prompt the invoking user for the "root" user password.
    Install rng-tools Packagexccdf_org.ssgproject.content_rule_package_rng-tools_installed lowCCE-82968-9

    Install rng-tools Package

    Rule IDxccdf_org.ssgproject.content_rule_package_rng-tools_installed
    Result
    notapplicable
    Multi-check ruleno
    Time2023-09-07T06:59:49+00:00
    Severitylow
    Identifiers and References

    Identifiers:  CCE-82968-9

    References:  CCI-000366, SRG-OS-000480-GPOS-00227, RHEL-08-010472, SV-244527r743830_rule

    Description
    The rng-tools package can be installed with the following command:
    $ sudo yum install rng-tools
    Rationale
    rng-tools provides hardware random number generator tools, such as those used in the formation of x509/PKI certificates.
    Uninstall abrt-addon-ccpp Packagexccdf_org.ssgproject.content_rule_package_abrt-addon-ccpp_removed lowCCE-82919-2

    Uninstall abrt-addon-ccpp Package

    Rule IDxccdf_org.ssgproject.content_rule_package_abrt-addon-ccpp_removed
    Result
    pass
    Multi-check ruleno
    OVAL Definition IDoval:ssg-package_abrt-addon-ccpp_removed:def:1
    Time2023-09-07T06:59:49+00:00
    Severitylow
    Identifiers and References

    Identifiers:  CCE-82919-2

    References:  CCI-000381, SRG-OS-000095-GPOS-00049, RHEL-08-040001, SV-230488r627750_rule

    Description
    The abrt-addon-ccpp package can be removed with the following command:
    $ sudo yum erase abrt-addon-ccpp
    Rationale
    abrt-addon-ccpp contains hooks for C/C++ crashed programs and abrt's C/C++ analyzer plugin.
    Uninstall abrt-addon-kerneloops Packagexccdf_org.ssgproject.content_rule_package_abrt-addon-kerneloops_removed lowCCE-82926-7

    Uninstall abrt-addon-kerneloops Package

    Rule IDxccdf_org.ssgproject.content_rule_package_abrt-addon-kerneloops_removed
    Result
    pass
    Multi-check ruleno
    OVAL Definition IDoval:ssg-package_abrt-addon-kerneloops_removed:def:1
    Time2023-09-07T06:59:49+00:00
    Severitylow
    Identifiers and References

    Identifiers:  CCE-82926-7

    References:  CCI-000381, SRG-OS-000095-GPOS-00049, RHEL-08-040001, SV-230488r627750_rule

    Description
    The abrt-addon-kerneloops package can be removed with the following command:
    $ sudo yum erase abrt-addon-kerneloops
    Rationale
    abrt-addon-kerneloops contains plugins for collecting kernel crash information and reporter plugin which sends this information to a specified server, usually to kerneloops.org.
    Uninstall abrt-cli Packagexccdf_org.ssgproject.content_rule_package_abrt-cli_removed lowCCE-82907-7

    Uninstall abrt-cli Package

    Rule IDxccdf_org.ssgproject.content_rule_package_abrt-cli_removed
    Result
    pass
    Multi-check ruleno
    OVAL Definition IDoval:ssg-package_abrt-cli_removed:def:1
    Time2023-09-07T06:59:49+00:00
    Severitylow
    Identifiers and References

    Identifiers:  CCE-82907-7

    References:  CCI-000381, SRG-OS-000095-GPOS-00049, RHEL-08-040001, SV-230488r627750_rule

    Description
    The abrt-cli package can be removed with the following command:
    $ sudo yum erase abrt-cli
    Rationale
    abrt-cli contains a command line client for controlling abrt daemon over sockets.
    Uninstall abrt-plugin-sosreport Packagexccdf_org.ssgproject.content_rule_package_abrt-plugin-sosreport_removed lowCCE-82910-1

    Uninstall abrt-plugin-sosreport Package

    Rule IDxccdf_org.ssgproject.content_rule_package_abrt-plugin-sosreport_removed
    Result
    pass
    Multi-check ruleno
    OVAL Definition IDoval:ssg-package_abrt-plugin-sosreport_removed:def:1
    Time2023-09-07T06:59:49+00:00
    Severitylow
    Identifiers and References

    Identifiers:  CCE-82910-1

    References:  CCI-000381, SRG-OS-000095-GPOS-00049, RHEL-08-040001, SV-230488r627750_rule

    Description
    The abrt-plugin-sosreport package can be removed with the following command:
    $ sudo yum erase abrt-plugin-sosreport
    Rationale
    abrt-plugin-sosreport provides a plugin to include an sosreport in an ABRT report.
    Uninstall gssproxy Packagexccdf_org.ssgproject.content_rule_package_gssproxy_removed mediumCCE-82943-2

    Uninstall gssproxy Package

    Rule IDxccdf_org.ssgproject.content_rule_package_gssproxy_removed
    Result
    pass
    Multi-check ruleno
    OVAL Definition IDoval:ssg-package_gssproxy_removed:def:1
    Time2023-09-07T06:59:49+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-82943-2

    References:  CCI-000381, CCI-000366, SRG-OS-000095-GPOS-00049, SRG-OS-000480-GPOS-00227, RHEL-08-040370, SV-230559r646887_rule

    Description
    The gssproxy package can be removed with the following command:
    $ sudo yum erase gssproxy
    Rationale
    gssproxy is a proxy for GSS API credential handling.
    Warnings
    warning  This rule is disabled on Red Hat Virtualization Hosts and Managers, it will report not applicable. RHV uses NFS storage, which has dependency on gssproxy.
    Uninstall iprutils Packagexccdf_org.ssgproject.content_rule_package_iprutils_removed mediumCCE-82946-5

    Uninstall iprutils Package

    Rule IDxccdf_org.ssgproject.content_rule_package_iprutils_removed
    Result
    pass
    Multi-check ruleno
    OVAL Definition IDoval:ssg-package_iprutils_removed:def:1
    Time2023-09-07T06:59:49+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-82946-5

    References:  CCI-000366, SRG-OS-000095-GPOS-00049, SRG-OS-000480-GPOS-00227, RHEL-08-040380, SV-230560r627750_rule

    Description
    The iprutils package can be removed with the following command:
    $ sudo yum erase iprutils
    Rationale
    iprutils provides a suite of utlilities to manage and configure SCSI devices supported by the ipr SCSI storage device driver.
    Uninstall krb5-workstation Packagexccdf_org.ssgproject.content_rule_package_krb5-workstation_removed mediumCCE-82931-7

    Uninstall krb5-workstation Package

    Rule IDxccdf_org.ssgproject.content_rule_package_krb5-workstation_removed
    Result
    notapplicable
    Multi-check ruleno
    Time2023-09-07T06:59:49+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-82931-7

    References:  CCI-000803, SRG-OS-000095-GPOS-00049, SRG-OS-000120-GPOS-00061, RHEL-08-010162, SV-230239r646864_rule

    Description
    The krb5-workstation package can be removed with the following command:
    $ sudo yum erase krb5-workstation
    Rationale
    Kerberos is a network authentication system. The krb5-workstation package contains the basic Kerberos programs (kinit, klist, kdestroy, kpasswd).
    Warnings
    warning  This rule is disabled on Red Hat Virtualization Hosts and Managers, it will report not applicable. RHV hosts require ipa-client package, which has dependency on krb5-workstation.
    Uninstall libreport-plugin-logger Packagexccdf_org.ssgproject.content_rule_package_libreport-plugin-logger_removed lowCCE-89201-8

    Uninstall libreport-plugin-logger Package

    Rule IDxccdf_org.ssgproject.content_rule_package_libreport-plugin-logger_removed
    Result
    pass
    Multi-check ruleno
    OVAL Definition IDoval:ssg-package_libreport-plugin-logger_removed:def:1
    Time2023-09-07T06:59:49+00:00
    Severitylow
    Identifiers and References

    Identifiers:  CCE-89201-8

    References:  CCI-000381, SRG-OS-000095-GPOS-00049, RHEL-08-040001, SV-230488r627750_rule

    Description
    The libreport-plugin-logger package can be removed with the following command:
    $ sudo yum erase libreport-plugin-logger
    Rationale
    libreport-plugin-logger is a ABRT plugin to report bugs into the Red Hat Support system.
    Uninstall libreport-plugin-rhtsupport Packagexccdf_org.ssgproject.content_rule_package_libreport-plugin-rhtsupport_removed lowCCE-88955-0

    Uninstall libreport-plugin-rhtsupport Package

    Rule IDxccdf_org.ssgproject.content_rule_package_libreport-plugin-rhtsupport_removed
    Result
    pass
    Multi-check ruleno
    OVAL Definition IDoval:ssg-package_libreport-plugin-rhtsupport_removed:def:1
    Time2023-09-07T06:59:49+00:00
    Severitylow
    Identifiers and References

    Identifiers:  CCE-88955-0

    References:  CCI-000381, SRG-OS-000095-GPOS-00049, RHEL-08-040001, SV-230488r627750_rule

    Description
    The libreport-plugin-rhtsupport package can be removed with the following command:
    $ sudo yum erase libreport-plugin-rhtsupport
    Rationale
    libreport-plugin-rhtsupport is a ABRT plugin to report bugs into the Red Hat Support system.
    Uninstall python3-abrt-addon Packagexccdf_org.ssgproject.content_rule_package_python3-abrt-addon_removed lowCCE-86084-1

    Uninstall python3-abrt-addon Package

    Rule IDxccdf_org.ssgproject.content_rule_package_python3-abrt-addon_removed
    Result
    pass
    Multi-check ruleno
    OVAL Definition IDoval:ssg-package_python3-abrt-addon_removed:def:1
    Time2023-09-07T06:59:49+00:00
    Severitylow
    Identifiers and References

    Identifiers:  CCE-86084-1

    References:  CCI-000381, SRG-OS-000095-GPOS-00049, RHEL-08-040001, SV-230488r627750_rule

    Description
    The python3-abrt-addon package can be removed with the following command:
    $ sudo yum erase python3-abrt-addon
    Rationale
    python3-abrt-addon contains python hook and python analyzer plugin for handling uncaught exceptions in python programs.
    Uninstall tuned Packagexccdf_org.ssgproject.content_rule_package_tuned_removed mediumCCE-82904-4

    Uninstall tuned Package

    Rule IDxccdf_org.ssgproject.content_rule_package_tuned_removed
    Result
    pass
    Multi-check ruleno
    OVAL Definition IDoval:ssg-package_tuned_removed:def:1
    Time2023-09-07T06:59:49+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-82904-4

    References:  CCI-000366, SRG-OS-000095-GPOS-00049, SRG-OS-000480-GPOS-00227, RHEL-08-040390, SV-230561r627750_rule

    Description
    The tuned package can be removed with the following command:
    $ sudo yum erase tuned
    Rationale
    tuned contains a daemon that tunes the system settings dynamically. It does so by monitoring the usage of several system components periodically. Based on that information, components will then be put into lower or higher power savings modes to adapt to the current usage.
    Warnings
    warning  This rule is disabled on Red Hat Virtualization Hosts and Managers, it will report not applicable. RHV requires tuned package for tuning profiles that can enhance virtualization performance.
    Ensure yum Removes Previous Package Versionsxccdf_org.ssgproject.content_rule_clean_components_post_updating lowCCE-82476-3

    Ensure yum Removes Previous Package Versions

    Rule IDxccdf_org.ssgproject.content_rule_clean_components_post_updating
    Result
    notapplicable
    Multi-check ruleno
    Time2023-09-07T06:59:49+00:00
    Severitylow
    Identifiers and References

    Identifiers:  CCE-82476-3

    References:  18, 20, 4, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, 3.4.8, CCI-002617, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(6), CM-11(a), CM-11(b), CM-6(a), ID.RA-1, PR.IP-12, SRG-OS-000437-GPOS-00194, RHEL-08-010440, SV-230281r854034_rule

    Description
    yum should be configured to remove previous software components after new versions have been installed. To configure yum to remove the previous software components after updating, set the clean_requirements_on_remove to 1 in /etc/yum.conf.
    Rationale
    Previous versions of software components that are not removed from the information system after updates have been installed may be exploited by some adversaries.
    Ensure gpgcheck Enabled In Main yum Configurationxccdf_org.ssgproject.content_rule_ensure_gpgcheck_globally_activated highCCE-80790-9

    Ensure gpgcheck Enabled In Main yum Configuration

    Rule IDxccdf_org.ssgproject.content_rule_ensure_gpgcheck_globally_activated
    Result
    notapplicable
    Multi-check ruleno
    Time2023-09-07T06:59:49+00:00
    Severityhigh
    Identifiers and References

    Identifiers:  CCE-80790-9

    References:  BP28(R15), 11, 2, 3, 9, 5.10.4.1, APO01.06, BAI03.05, BAI06.01, BAI10.01, BAI10.02, BAI10.03, BAI10.05, DSS06.02, 3.4.8, CCI-001749, 164.308(a)(1)(ii)(D), 164.312(b), 164.312(c)(1), 164.312(c)(2), 164.312(e)(2)(i), 4.3.4.3.2, 4.3.4.3.3, 4.3.4.4.4, SR 3.1, SR 3.3, SR 3.4, SR 3.8, SR 7.6, A.11.2.4, A.12.1.2, A.12.2.1, A.12.5.1, A.12.6.2, A.14.1.2, A.14.1.3, A.14.2.2, A.14.2.3, A.14.2.4, CM-5(3), SI-7, SC-12, SC-12(3), CM-6(a), SA-12, SA-12(10), CM-11(a), CM-11(b), PR.DS-6, PR.DS-8, PR.IP-1, FPT_TUD_EXT.1, FPT_TUD_EXT.2, Req-6.2, 6.3.3, SRG-OS-000366-GPOS-00153, RHEL-08-010370, 1.2.3, SV-230264r880711_rule

    Description
    The gpgcheck option controls whether RPM packages' signatures are always checked prior to installation. To configure yum to check package signatures before installing them, ensure the following line appears in /etc/yum.conf in the [main] section:
    gpgcheck=1
    Rationale
    Changes to any software components can have significant effects on the overall security of the operating system. This requirement ensures the software has not been tampered with and that it has been provided by a trusted vendor.
    Accordingly, patches, service packs, device drivers, or operating system components must be signed with a certificate recognized and approved by the organization.
    Verifying the authenticity of the software prior to installation validates the integrity of the patch or upgrade received from a vendor. This ensures the software has not been tampered with and that it has been provided by a trusted vendor. Self-signed certificates are disallowed by this requirement. Certificates used to verify the software must be from an approved Certificate Authority (CA).
    Ensure gpgcheck Enabled for Local Packagesxccdf_org.ssgproject.content_rule_ensure_gpgcheck_local_packages highCCE-80791-7

    Ensure gpgcheck Enabled for Local Packages

    Rule IDxccdf_org.ssgproject.content_rule_ensure_gpgcheck_local_packages
    Result
    notapplicable
    Multi-check ruleno
    Time2023-09-07T06:59:49+00:00
    Severityhigh
    Identifiers and References

    Identifiers:  CCE-80791-7

    References:  BP28(R15), 11, 3, 9, BAI10.01, BAI10.02, BAI10.03, BAI10.05, 3.4.8, CCI-001749, 164.308(a)(1)(ii)(D), 164.312(b), 164.312(c)(1), 164.312(c)(2), 164.312(e)(2)(i), 4.3.4.3.2, 4.3.4.3.3, SR 7.6, A.12.1.2, A.12.5.1, A.12.6.2, A.14.2.2, A.14.2.3, A.14.2.4, CM-11(a), CM-11(b), CM-6(a), CM-5(3), SA-12, SA-12(10), PR.IP-1, FPT_TUD_EXT.1, FPT_TUD_EXT.2, SRG-OS-000366-GPOS-00153, RHEL-08-010371, SV-230265r877463_rule

    Description
    yum should be configured to verify the signature(s) of local packages prior to installation. To configure yum to verify signatures of local packages, set the localpkg_gpgcheck to 1 in /etc/yum.conf.
    Rationale
    Changes to any software components can have significant effects to the overall security of the operating system. This requirement ensures the software has not been tampered and has been provided by a trusted vendor.

    Accordingly, patches, service packs, device drivers, or operating system components must be signed with a certificate recognized and approved by the organization.
    Ensure gpgcheck Enabled for All yum Package Repositoriesxccdf_org.ssgproject.content_rule_ensure_gpgcheck_never_disabled highCCE-80792-5

    Ensure gpgcheck Enabled for All yum Package Repositories

    Rule IDxccdf_org.ssgproject.content_rule_ensure_gpgcheck_never_disabled
    Result
    pass
    Multi-check ruleno
    OVAL Definition IDoval:ssg-ensure_gpgcheck_never_disabled:def:1
    Time2023-09-07T06:59:49+00:00
    Severityhigh
    Identifiers and References

    Identifiers:  CCE-80792-5

    References:  BP28(R15), 11, 2, 3, 9, 5.10.4.1, APO01.06, BAI03.05, BAI06.01, BAI10.01, BAI10.02, BAI10.03, BAI10.05, DSS06.02, 3.4.8, CCI-001749, 164.308(a)(1)(ii)(D), 164.312(b), 164.312(c)(1), 164.312(c)(2), 164.312(e)(2)(i), 4.3.4.3.2, 4.3.4.3.3, 4.3.4.4.4, SR 3.1, SR 3.3, SR 3.4, SR 3.8, SR 7.6, A.11.2.4, A.12.1.2, A.12.2.1, A.12.5.1, A.12.6.2, A.14.1.2, A.14.1.3, A.14.2.2, A.14.2.3, A.14.2.4, CM-5(3), SI-7, SC-12, SC-12(3), CM-6(a), SA-12, SA-12(10), CM-11(a), CM-11(b), PR.DS-6, PR.DS-8, PR.IP-1, FPT_TUD_EXT.1, FPT_TUD_EXT.2, Req-6.2, 6.3.3, SRG-OS-000366-GPOS-00153, RHEL-08-010370, SV-230264r880711_rule

    Description
    To ensure signature checking is not disabled for any repos, remove any lines from files in /etc/yum.repos.d of the form:
    gpgcheck=0
    Rationale
    Verifying the authenticity of the software prior to installation validates the integrity of the patch or upgrade received from a vendor. This ensures the software has not been tampered with and that it has been provided by a trusted vendor. Self-signed certificates are disallowed by this requirement. Certificates used to verify the software must be from an approved Certificate Authority (CA)."
    Ensure Red Hat GPG Key Installedxccdf_org.ssgproject.content_rule_ensure_redhat_gpgkey_installed highCCE-80795-8

    Ensure Red Hat GPG Key Installed

    Rule IDxccdf_org.ssgproject.content_rule_ensure_redhat_gpgkey_installed
    Result
    pass
    Multi-check ruleno
    OVAL Definition IDoval:ssg-ensure_redhat_gpgkey_installed:def:1
    Time2023-09-07T06:59:49+00:00
    Severityhigh
    Identifiers and References

    Identifiers:  CCE-80795-8

    References:  BP28(R15), 11, 2, 3, 9, 5.10.4.1, APO01.06, BAI03.05, BAI06.01, BAI10.01, BAI10.02, BAI10.03, BAI10.05, DSS06.02, 3.4.8, CCI-001749, 164.308(a)(1)(ii)(D), 164.312(b), 164.312(c)(1), 164.312(c)(2), 164.312(e)(2)(i), 4.3.4.3.2, 4.3.4.3.3, 4.3.4.4.4, SR 3.1, SR 3.3, SR 3.4, SR 3.8, SR 7.6, A.11.2.4, A.12.1.2, A.12.2.1, A.12.5.1, A.12.6.2, A.14.1.2, A.14.1.3, A.14.2.2, A.14.2.3, A.14.2.4, CIP-003-8 R4.2, CIP-003-8 R6, CIP-007-3 R4, CIP-007-3 R4.1, CIP-007-3 R4.2, CIP-007-3 R5.1, CM-5(3), SI-7, SC-12, SC-12(3), CM-6(a), PR.DS-6, PR.DS-8, PR.IP-1, FPT_TUD_EXT.1, FPT_TUD_EXT.2, Req-6.2, SRG-OS-000366-GPOS-00153, RHEL-08-010019, 1.2.2, SV-256973r902752_rule

    Description
    To ensure the system can cryptographically verify base software packages come from Red Hat (and to connect to the Red Hat Network to receive them), the Red Hat GPG key must properly be installed. To install the Red Hat GPG key, run:
    $ sudo subscription-manager register
    If the system is not connected to the Internet or an RHN Satellite, then install the Red Hat GPG key from trusted media such as the Red Hat installation CD-ROM or DVD. Assuming the disc is mounted in /media/cdrom, use the following command as the root user to import it into the keyring:
    $ sudo rpm --import /media/cdrom/RPM-GPG-KEY
    Alternatively, the key may be pre-loaded during the RHEL installation. In such cases, the key can be installed by running the following command:
    sudo rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release
    Rationale
    Changes to software components can have significant effects on the overall security of the operating system. This requirement ensures the software has not been tampered with and that it has been provided by a trusted vendor. The Red Hat GPG key is necessary to cryptographically verify packages are from Red Hat.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20234954
    Time2023-09-07T06:59:49+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20234952
    Time2023-09-07T06:59:49+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20234877
    Time2023-09-07T06:59:49+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20234864
    Time2023-09-07T06:59:49+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20234706
    Time2023-09-07T06:59:49+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20234645
    Time2023-09-07T06:59:49+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20234643
    Time2023-09-07T06:59:49+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20234635
    Time2023-09-07T06:59:49+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20234570
    Time2023-09-07T06:59:49+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20234541
    Time2023-09-07T06:59:49+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20234539
    Time2023-09-07T06:59:49+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20234537
    Time2023-09-07T06:59:49+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20234536
    Time2023-09-07T06:59:49+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20234535
    Time2023-09-07T06:59:49+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20234531
    Time2023-09-07T06:59:49+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20234529
    Time2023-09-07T06:59:49+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20234527
    Time2023-09-07T06:59:49+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20234524
    Time2023-09-07T06:59:49+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20234523
    Time2023-09-07T06:59:49+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20234520
    Time2023-09-07T06:59:49+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20234517
    Time2023-09-07T06:59:49+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20234498
    Time2023-09-07T06:59:49+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20234497
    Time2023-09-07T06:59:49+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20234468
    Time2023-09-07T06:59:49+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20234419
    Time2023-09-07T06:59:49+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20234418
    Time2023-09-07T06:59:49+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20234328
    Time2023-09-07T06:59:49+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20234202
    Time2023-09-07T06:59:49+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20234176
    Time2023-09-07T06:59:49+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20234175
    Time2023-09-07T06:59:49+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20234159
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20234103
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20234102
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20234100
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20234076
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20234063
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20234059
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20234058
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20234035
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20234034
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20233949
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20233922
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20233847
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20233840
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20233839
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20233837
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20233827
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20233822
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20233821
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20233819
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20233811
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20233781
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20233780
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20233661
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20233594
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20233593
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20233591
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20233590
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20233588
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20233584
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20233582
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20233433
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20233425
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20233351
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20233350
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20233349
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20233319
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20233246
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20233221
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20233220
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20233109
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20233108
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20233107
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20233106
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20233104
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20233097
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20233095
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20233087
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20233083
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20233082
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20233068
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20233067
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20233042
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20233018
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20233002
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20233000
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20232987
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20232969
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20232963
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20232951
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20232948
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20232932
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20232903
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20232898
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20232893
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20232883
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20232873
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20232870
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20232867
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20232866
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20232863
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20232860
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20232859
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20232851
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20232834
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20232830
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20232810
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20232806
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20232805
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20232802
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20232801
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20232800
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20232792
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20232786
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20232785
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20232784
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20232780
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20232771
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20232764
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20232763
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20232758
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20232757
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20232736
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20232122
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20232076
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20231930
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20231919
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20231908
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20231898
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20231895
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20231802
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20231787
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20231743
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20231673
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20231659
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20231584
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20231583
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20231582
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20231576
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20231572
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20231569
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20231566
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20231551
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20231405
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20231403
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20231336
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20231252
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20231140
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20230902
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20230855
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20230854
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20230852
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20230848
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20230842
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20230839
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20230838
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20230837
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20230835
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20230833
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20230832
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20230821
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20230808
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20230662
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20230625
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20230610
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20230606
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20230463
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20230446
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20230379
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20230288
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20230284
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20230208
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20230200
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20230192
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20230173
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20230171
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20230128
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20230123
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20230116
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20230114
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20230113
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20230110
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20230103
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20230101
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20230100
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20230099
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20230096
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20230095
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20230089
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20230087
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20230079
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20230050
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20230049
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20230016
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20229074
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20229073
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20229067
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20229058
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20228833
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20228649
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20228638
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20228554
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20228547
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20228492
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20227928
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20227830
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20227826
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20227822
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20227821
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20227813
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20227811
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20227793
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20227790
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20227745
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20227730
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20227720
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20227715
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20227704
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20227700
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20227692
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20227683
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20227648
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20227647
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20227645
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20227643
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20227640
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20227639
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20227633
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20227628
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20227624
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20227623
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20227622
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20227618
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20227594
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20227593
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20227592
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20227585
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20227583
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20227581
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20227558
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20227548
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20227541
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20227529
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20227524
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20227519
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20227514
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20227482
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20227472
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20227470
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20227469
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20227464
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20227461
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20227458
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20227457
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20227447
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20227444
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20227192
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20227190
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20227137
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20227134
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20227133
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20227129
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20227128
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20227119
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20227111
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20227110
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20227108
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20227106
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20227105
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20227089
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20227070
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20227024
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20227023
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20227012
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20227006
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20227000
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20226964
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20226912
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20226911
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20226878
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20226820
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20226781
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20226778
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20226775
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20226735
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20226708
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20226702
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20226542
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20226540
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20226539
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20226523
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20226463
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20226460
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20226457
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20226450
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20226449
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20226448
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20226447
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20226443
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20226439
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20226437
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20226357
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20226314
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20226206
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20226180
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20226175
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20226164
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20226159
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20226158
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20226058
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20226057
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20225839
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20225837
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20225834
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20225826
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20225823
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20225821
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20225819
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20225818
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20225813
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20225809
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20225779
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20225777
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20225775
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20225774
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20225726
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20225717
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20225696
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20225683
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20225597
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20225565
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20225564
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20225526
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20225470
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20225469
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20225468
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20225467
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20225344
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20225338
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20225337
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20225331
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20225326
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20225319
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20225317
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20225316
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20225314
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20225313
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20225311
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20225219
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20225163
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20225095
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20225061
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20225056
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20225046
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20224991
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20224941
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20224887
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20224872
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20224855
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20224807
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20224805
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20224799
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20224798
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20224797
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20224796
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20224776
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20224769
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20224661
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20222234
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20222202
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20222201
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20222200
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20222199
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20222143
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20222129
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20222120
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20222110
    Time2023-09-07T06:59:50+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010, 1.9, SV-230222r627750_rule

    Description
    If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates:
    $ sudo yum update
    If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using rpm.

    NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
    Rationale
    Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
    Warnings
    warning  The OVAL feed of Red Hat Enterprise Linux 8 is not a XML file, which may not be understood by all scanners.
    Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-80865-9

    Ensure Software Patches Installed

    Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
    Result
    pass
    Multi-check ruleyes
    OVAL Definition IDoval:com.redhat.rhsa:def:20222092
    Time2023-09-07T06:59:51+00:00
    Severitymedium
    Identifiers and References

    Identifiers:  CCE-80865-9

    References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-08-010010,